Eploy Applicant Tracking System & Recruitment CRM

Eploy Applicant Tracking System is the complete ATS recruitment platform for NHS, Central Government, Local Authorities, Education and the Public Sector. Eploy combines Applicant Tracking System, Talent CRM (Candidate Relationship Management), Talent Pools and Analytics and careers site with integrations for IDVT, HRIS, assessments, background checking and multi-posting


  • Job requisition & approval management
  • Talent pooling & pipelines
  • Candidate attraction, recruitment marketing & job posting
  • Candidate relationship management & talent nurturing
  • Applicant tracking system (ATS)
  • Recruitment process workflows & optimisation
  • Candidate assessment and video interviewing
  • Job offers, onboarding & electronic signatures
  • Recruitment analytics & dashboards
  • Compliance features for GDPR & name-blind hiring


  • Accelerate your time to hire
  • Reduce your cost of hire
  • Enhance your candidate experience
  • Improve your quality of hire
  • Communicate your employer brand
  • Build and nurture talent pools
  • Manage your PSL vendors efficienty
  • Improve your employee on-boarding
  • Measure your recruitment processes in real-time with Eploy ATS
  • Reduce unconscious bias with name-blind recruiting


£655 an instance a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bruce.groves@eploy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

9 4 6 6 6 6 2 5 0 7 0 3 5 7 2


Eploy Bruce Groves
Telephone: 0800 073 4243
Email: bruce.groves@eploy.co.uk

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
Maintenance Events that may require interruption to the Services shall not be performed during N.B.H unless otherwise agreed to by the Customer. Eploy may interrupt the Services to perform emergency Maintenance Events at any time (including during N.B.H).

Maintenance Events include security updates, point releases, and version updates (typically 2-3 version updates a year). Eploy shall use all reasonable endeavours to avoid downtime for Maintenance Events.

Eploy provide release notes and opportunity to evaluate new versions . Eploy coordinate the day/time of the update with you to avoid disruption. Updates may require additional Services to take advantage of new features.
System requirements
Standard web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Priority 3 Customer has a question regarding the use of the Services. Within 8 Normal Business Hours.
Priority 4 Certain non-essential features of the Services are impaired while most major components of the Services remain functional affecting any part of the user base.Within 8 Normal Business Hours.
Priority 5a Errors that are, non-disabling or cosmetic and clearly have little or no impact on the normal operation of the Services. Within 2 Business Days after initial response.
Priority 5b Requests for new features/functionality that does not exist in the current version of the Services , Within 5 Business Days
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Eploy shall provide at least a 99.9% uptime service availability level (Uptime Service Level). This availability refers to the Customer's ability to access the Eploy Recruitment System, as the Customer is responsible for its own Internet access. Availability does not include Maintenance Events, Customer-caused or third party-caused outages or disruptions, or outages or disruptions attributable in whole or in part to events not within Eploy's control.
Support available to third parties

Onboarding and offboarding

Getting started
Eploy provides both onsite and online training. Eploy also has a dedicated training facility at the company's headquarters in Kidderminster. Full user documentation is also provided and training videos are available 24/7 within Eploy's online support centre. Eploy provide a standard implementation service to ensure the successful on-boarding of new customers - this is based on Eploy's proven Implementation Methodology.
Service documentation
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
At the end of the contract Eploy can provide the customer with a full data backup as per Eploy's back-up policy and MSA.
End-of-contract process
(a) all licences and access to the Services granted under this agreement shall immediately terminate; (b) each party shall return and make no further use of any equipment, property, Documentation and other items (and all copies of them) belonging to the other party; (c) Eploy may destroy or otherwise dispose of any of the Customer Data in its possession unless Eploy receives, no later than 10 business days after the effective date of the termination of this agreement, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. This will be delivered to the Customer in accordance with the Eploy Backup Policy and within 30 days of its receipt of such a written request, provided that the Customer has, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination). The Customer shall pay all reasonable expenses incurred by Eploy in returning or disposing of Customer Data.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
No key differences, Responsive Web Design is used for all Eploy portal interfaces including portals for candidates, hiring managers and recruiters.
Service interface
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
Eploy provides browser based user interfaces for all aspects of the clients recruitment journey including core recruiter system and dedicated hiring manager, candidate and agency portals.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Eploy candidate portals have been independently verified as meeting WCAG2.1 AA standard by Digital Accessibility Centre. Customers must ensure their own content is WCAG2.1 AA compliant.
What users can and can't do using the API
Eploy’s RESTful API is available as a series of components, each designed to help you to create integrations with the Eploy recruitment platform, including:
Applications - including workflows, questions and answers, assessments & feedback and source of application.
Candidates - Integrate with your candidate profile data to create candidate-centric solutions.
Vacancies - Access vacancies, job descriptions, locations and addresses.
Placements - Including offers, placed candidates, costs, salaries, locations, integrates with HR, Payroll and other back-office systems.
Contacts - Work with Contact records, including contact details, locations and addresses.
Companies - Keep internal & external company, department and structure up to date.
Files - Such as CVs, also includes integrating with Eploy documents and e-signatures.
Actions - Exposes actions, outcomes and statuses from your recruitment workflows.
Users - Work with users and permissions to update system user records and create solutions requiring access control.
Access to the Eploy API requires API keys and uses OAuth2 for authentication. Customers can generate API keys within their Eploy System. Each API Key is tied to a specific user record to ensure that keys only inherit and allow access to the data that the tied user record has been granted permissions.
API documentation
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Customisation available
Description of customisation
Eploy has many configuration options as standard including drop-down lists, email & document templates, fields, custom workflows and forms (for example screening, application, feedback, surveys etc. Access to configuration options is controlled by granular permissions/privileges.


Independence of resources
We constantly monitor individual customer instance system usage levels, this enables us to increase resources proactively for customers with growing usage profile. Webservers are load balanced using a failover methodology to ensure high availability. All load balancers and firewalls also have redundancy built in.


Service usage metrics
Metrics types
User metrics (users, logins, activities etc.)
Candidate / application metrics (Candidates created, applications, vacancies created etc.)
Database size & bandwidth
Emails sent
SMS sent
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Eploy has a data export utility which enables the export of data as CSV and/or XLS. Alternatively a full SQL backup can be provided on request as per Eploy's backup policy.
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Eploy guarantee a 99.9% uptime service availability level. This availability refers to the Customer's ability to access the Eploy System. Uptime includes the functioning of all network infrastructure operated by Eploy including routers, switches and cabling. Each Customer is responsible for its own Internet access.

Availability does not include Maintenance Events, Customer-caused or third party-caused outages or disruptions, or outages or disruptions attributable in whole or in part to events not within Eploy's control.
In the unlikely event the Customer are unable to access the Eploy System (other than in the event of Maintenance Events, Customer-caused or third party-caused outages or disruptions, or outages or disruptions attributable in whole or in part to events not wholly within Eploy's control) Eploy will refund 5% of the Monthly Fee detailed in the Customer Service Order Form for each 60 minutes of downtime (up to 100% of Monthly Fees payable in any month).
Eploy System downtime begins when a Customer is unable to access the Eploy System and Eploy has been notified of and has acknowledged such failure to the time the Customer is once again able to access the Eploy System.
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Eploy includes its own user management and privileges system which enables users who have access to the service to be configured. Granular privileges ensure that each user only has access to the features and data they are responsible for.
Access to Eploy's helpdesk and ticketing system is also managed directly through the Eploy interface, ensuring that only customer nominated support users are able to access Eploy support services.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Schellmann & Company
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
This certification covers the services provided by our hosting provider - Microsoft Azure.
Eploy's Information Security Policies have been certified to the IASME standard. Eploy is IASME & Cyber Essentials Plus certified.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
  • Cyber Essentials Plus
  • Helios Stage 2 FSQS

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Eploy's hosting provider, Microsoft Azure is ISO/IEC 27001 accredited. In addition Eploy's Information Security Management processes have been certified to the IASME standard and Cyber Essentials Plus
Information security policies and processes
Eploy’s Information Security Management System a has been accredited to the IASME standard. The IASME standard is written along the same lines as the ISO27001 but specifically for small companies. The gold standard of IASME demonstrates baseline compliance with the international standard.
Eploy has developed this Information Security Policy to:
Provide direction and support for information security in accordance with business requirements, regulations and legal requirements;
State the responsibilities of staff, partners, contractors and any other individual or organisation having access to Eploy’s information assets.
State management intent to support the goals and principles of security in line with business strategy and objectives.
Provide a framework by which the confidentiality, integrity and availability of Eploy’s information assets can be maintained.
Optimise the management of risks, by preventing and minimising the impact of Information Security incidents;
Ensure that all breaches of information security are reported, investigated and appropriate action taken where required;
Ensure that supporting policies and procedures are regularly reviewed and continual improvement is maintained to ensure progressive good working practices and procedures
Ensure information security requirements are regularly communicated to all relevant parties.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Changes to information resources are managed and executed according to a formal change control process documented within Eploys Change Management and Control Policy (Ref: ESEC-CC-01 - available upon request). The policy includes the change management documentation and risk assessment procedures. In addition, all information assets are controlled in accordance with Eploy's IT Asset Management policy (Ref ESEC-AM-01)
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Eploy is audited by Netcraft on a monthly basis. This involves Netcraft testing our internet infrastructure and supplies us with the information we need to maintain security and eliminate vulnerabilities. The tests include a full TCP and UDP port scan to identify available services on each responding host. Each service is tested for information leaks, configuration errors and potential vulnerabilities. Netcraft’s database of vulnerabilities contains the collective experience gained from testing thousands of networks, using both public security advisories and our own research. It is continually updated, with over 250 new classes of vulnerability added each year.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
As per Eploy's Information Logging Standard (Doc Ref ESEC-CO-01) Eploy supports the formatting and storage of audit logs in such a way as to ensure the integrity of the logs and to support enterprise-level analysis and reporting. Including Microsoft Windows Event Logs collected by a centralised log management system;
Incident management type
Supplier-defined controls
Incident management approach
Incidents are managed in accordance with Eploy's Security Incident and Event Management Procedure (Ref: ESEC-IM-02). In the event of an actual or suspected incident the incident response team informs the effected customer without undue delay (target of within 24 hours) whilst preventing the incident from escalating and retaining information for post-incident reporting.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

At Eploy, we are committed to net-negative emissions. To help us achieve this, we have a rigorous policy for calculating, reporting and offsetting our carbon emissions.  

We consider our entire carbon footprint, specifically those generated by:

Our office premises
Business Travel
Staff commuting
Our cloud data centre platform (Microsoft Azure)

We take the calculated figures TCO2e figures, multiply them (to help us target net negative emissions, and then offset the inflated total by funding Verified Carbon Standard certified carbon reduction programmes at a local, national and global level.
Covid-19 recovery

Covid-19 recovery

The 'COVID-19 Student Response Network', CSRN was founded in the wake of lockdown to bring together talented students from all over the UK with social impact organisations impacted by COVID-19. CSRN works with established student consultancies to secure and scope high impact management consulting projects with organisations driving social impact in regions impacted by crises.

The goal of CSRN is to support as many charities and social enterprises as possible in navigating the challenges brought about by 2020 by bridging the gap between talented students passionate about consulting and social impact organisations in need of support. Since their inception in April, CSRN has managed to bring about the support of over 120 organisations and looks to continue acting as a platform which connects talented students with social impact organisations in need of support.

The scale of the network’s impact to date has amassed them international recognition with the UK Government recently profiling the organisation as an ‘Outstanding Volunteer-led Response to the Global Pandemic’ and Jack Elliott, CSRN’s co-founder & CEO, receiving a ‘Points of Light’ award and a personal letter from the UK Prime Minister, Boris Johnson. In addition to their COVID-19 response, CSRN are also responsible for running one of the world’s largest student-led responses to the Beirut explosion in Lebanon and have recently begun their expansion into Africa targeting their resources first at Rwanda, Zambia, Nigeria & Uganda.

To achieve their ambitions, CSRN recognised the need for a cloud-based talent acquisition platform that would enable them to recruit the very best talent from the student population to work on the expansion of their social impact globally.

Eploy stepped in to provide free-of-charge access to Eploy’s Applicant Tracking System and Recruitment CRM platform, including a web-based careers portal where students can search and apply for current roles .
Tackling economic inequality

Tackling economic inequality

Eploy has been accredited as a living wage employer by the Living Wage Foundation, demonstrating the company’s commitment to being a socially responsible employer.
The real Living Wage is the only UK wage rate paid voluntarily by over 7,000 UK businesses. Real Living Wage employers believe their staff deserve a wage that meets everyday needs, going further than the government minimum and paying all staff the real Living Wage for the real cost of living.
Living Wage rates are higher than the government minimum because they are independently calculated based on what people need to get by.
Living Wage employers report that paying a decent wage, as well as being the right thing to do, has real business benefits. They talked of lower staff turnover and a better bottom line. In addition, staff felt valued, so they went the extra mile
Equal opportunity

Equal opportunity

At Eploy, we are governed by our Equality, Diversity & Inclusion policy. Eploy is committed to encouraging equality, diversity and inclusion among our workforce, and ensuring there is no unjustified or unconscious discrimination in the recruitment, retention, training and development of our staff.

The aim is for our workforce to be truly representative of all parts of society and our customers, and for each employee to feel respected, included and able to give their best.

The organisation - in providing services - is also committed against unlawful discrimination of customers or the public.

Support for helping our customers achieve their E,D & I objectives
Eploy’s recruitment software permits the use of “name blind” applications. Individual names and identifying information are removed from application forms in order to overcome any potential discrimination- conscious or otherwise- in the recruitment process.

We feel that there is still a long way to go to ensure equal opportunities in the work place. By offering name blind applications to customers at no additional cost, we are doing our little bit to ensuring work places reflect our diverse society.


We take staff well being seriously, including fatigue management, and forms part of every daily or weekly 1 to 1 meeting and annual reviews. An extract from our CSR-
From our hard-working, dedicated customer success team, to our award winning development and design teams- our people have made Eploy what it is today, and shape what it will become in the future. We give our employees the tools they need, back them up with unwavering standards of team training. We believe happy, healthy individuals are more productive. Some of the ways we support our employees include:

Continued professional development. We support our employees who want to continue their learning journey both financially and with time to study.
Flexible working locations and hours. We believe that employees thrive when they have the right work/life balance.


£655 an instance a month
Discount for educational organisations
Free trial available
Description of free trial
Eploy can provide a 30-day trial system (extendable upon request) for prospective clients to test the service before purchase. This includes access to all core system functions and features.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bruce.groves@eploy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.