Unity World Ltd

Mybe Time and Attendance

* Track daily time & attendance - Quickly and easily log in/out of timesheets to create comprehensive records
* Holiday requests & management
* Record sickness/ absenteeism
* Fully customisable - setup departments, shift patterns, company closures and more.
* End of the month approval processes to eliminate timesheet issues

Features

• clock in and out via a web interface
• monthly approval process
• holiday calendar & holiday request & approval process
• Sickness & absence management
• return to work recording & process
• simple & easy to use
• web based so suitable for remote workers

Benefits

• improved accuracy: eliminates manual timesheet errors
• Reduced administrative burden
• Saves time for both employees & managers
• reduced costs: no paper & printing costs

£6 a user a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Matt@Unity.world. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

968507632891659

Contact

matthew mcintyre
03301196666
Matt@Unity.world

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Requires access to internet, Wifi or mobile data to work
• System requirements: Access to internet connection/ Wi-Fi/ data usage

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Tickets are responded to within 2 hours.; ; SLA's are different at weekends - there is still email monitoring for support issues but out of hours support is an extra cost
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide remote support only via phone, email or MS Teams.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We can provide user documentation and for additional costs training via MS Teams.; We will aid with onboarding as part of the setup process - this will include importing all users, defining shift patterns and rules around the system - based off your input of course.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: N/a
• End-of-contract process: Access to the system is included in the price of the contract. At the end of the contract you cannot access the system anymore

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: N/a
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Settings such as shift patterns (days & times worked), notifications, who approval should go to, holiday options (1/2 day holidays, holiday in lieu, unpaid holidays), days/ dates the business is open/ closed; ; users with admin role can customise.; ; Bespoke customisation is optional too but would attract additional charges, these would be assessed on a case by case basis.

Scaling

• Independence of resources: Our software is tenanted. Our software is hosted in a start of the art data centre served by an industrial level internet connection. We have flexible storage solutions so that regardless of numbers accessing the data and processing information users wont be affected.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: In-house
• Protecting data at rest: Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: They don't - exporting data is not part of this system
• Data export formats: Other
• Other data export formats: Not applicable
• Data import formats:
  • CSV
  • Other
• Other data import formats: We will import data as part of the onboarding process

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We offer a 4 hour response time (in office hours only).
• Approach to resilience: This information is available on request and meets ISO27001 as a minimum base line
• Outage reporting: Email Alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: To restrict access in management and support channels, we use a Oauth2 authentication together with supplier defined, application specific role management controls. This is delivered at a resource and action level, providing the ability to control access of all users to a specific resource and action within an application.
• Access restriction testing frequency: Never
• Management access authentication: Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Centre for Assessment
• ISO/IEC 27001 accreditation date: 25/10/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow the ISO27001 framework and have the following policy documents: Information Security Policy Information Security Incident Policy Acceptable use policy Access Control Procedure Backup Plan Business Continuity Plan Confidential Data Policy Data Protection Policy Clients and Staff are promoted to discuss any incidents or updates on a daily basis to their line manager. This is then passed to the senior management team on a weekly basis where all incidents can be reviewed accordingly. Our ISMS are reviewed regularly by the technical management team and audited annually in line with ISO 27001:2013.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: A formal change control process is documented and followed, with security a member of the Change Approval Board to monitor security impact of changes
• Vulnerability management type: Undisclosed
• Vulnerability management approach: We assess potential threats to our services through our day to day operations and policies created and implemented during our ISO 27001 accreditation process. All vulnerability's are recorded within the ISM vulnerability log along with how this is discovered. Patches are deploy when needed and after testing and reviews for potential weaknesses.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: We use an authenticator (fusion Auth) to control access. ; Potential compromises are identified by active monitoring; Incidents are responded to upon discovery/ notification. How quickly they are resolved depends on the issue at hand.
• Incident management type: Supplier-defined controls
• Incident management approach: Customers generate support tickets by emailing our support inbox or by calling our support line. Tickets are allocated to the necessary support time and engineer using our internal ticketing and support system. Customers are updated on the status of their ticket through email and on the system. An incident report can be provided on demand and bespoke to the customer and their incident.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  This system is web based and 100% digital and is aimed at organisations who use paper based timesheets. Using our system will reduce paper in these organisations. Paper timesheet records are very inefficient and because timesheet records need to be kept for a minimum of 2 years they cannot be reused.

  Covid-19 recovery

  We believe in the power of cloud computing to generate a post-covid recovery. With increased emphasis being placed on hybrid working, our cloud services, security services, and support ensure that companies have the tools they need to develop post-covid.

  Equal opportunity

  The aim is for our workforce to be truly representative of all sections of society and our customers, and for each employee to feel respected and able to give their best. The organisation - in providing goods and services, is also committed against unlawful discrimination of customers or the public. This includes delivering on going training about their rights and responsibilities from within our policy which can be provided upon request.

  Wellbeing

  Our system supports employee wellbeing through its ability to manage employee absenteeism. With the functionality to identify return to work processes, the system creates insight into when RTW meetings needs to be done in line with their internal processes.; ; The system supports and delivers office functionality from remote locations with an internet connection. This promotes home working and an improved work life balance. Unity has a robust health and safety policy which helps to promote well being and mental health within our workforce. Managers are instructed to actively look for the signs of stress and anxiety - and staff are provided a forum to discuss problems with line managers and upper management. We are delivering a continuous improvement to our employee work life balance and is delivered as per our Work life balance policy which include improving the employee value proposition.

Pricing

• Price: £6 a user a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free 30 day trail of full system.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Matt@Unity.world. Tell them what format you need. It will help if you say what assistive technology you use.