Spinwell Global Limited

Open CRM

Our customer relationship management (CRM) system that helps businesses collect, store, and analyze customer data. It serves as a database for managing information about current customers, leads, business partners, suppliers, and employees. By organizing interactions and providing tools for sales, marketing, and support teams, enhancing understanding and strengthening customer relationships.

Features

• Customisable Dashboards
• Accounts and Contacts Management
• Workflow Management
• Customer Support
• Reporting and Analytics
• Marketing Automation
• Telephony Integration
• Customisation
• Sales Automation
• Extensions

Benefits

• Personalised dashboard to view business performance, tasks, key information
• Effectively manages customer, lead, and business data.
• Automates actions based on conditions (e.g., emails, record updates).
• Email-to-case, portal, and knowledge base features.
• Insights through reports and dashboards.
• Campaign management and mass email integration.
• VoIP system integration for communication.
• Create custom entities, fields, and layouts.
• Streamlined lead conversion and opportunity tracking.
• Enhance functionality with installable extensions.

£300 an instance a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pritesh@spinwellglobal.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

987332166916286

Contact

Pritesh Raikundalia
02035102750
pritesh@spinwellglobal.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Support is provided for all deployment models. Maintenance arrangements are tailored to each client.
• System requirements:
  • PHP 8.1+
  • MySQL 5.7+
  • MariaDB 10.2+

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Response times L1 & L2 Less than 45 mins, L3 2 Hours UK Business hours Mon - Fri 08:30 - 17:00 Weekends are available to all clients at a agreed cost 24/7 Support is available at an agreed cost
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: L1 Simple phone enquiries for password reset etc L2 Config issues and to help onsite client analyst in creating new workflows L3 Major changes to config or issues resulting from User Analyst changes and required training and report provision on new data sets Both an Account Manager (Technical Architect) and Technical Support are provided
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We customise the onboarding to each client by providing onsite or online training.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Data can be extracted directly from the platform, or a database dump can be provided.
• End-of-contract process: After the client is sure that all data has been transferred, the platfrom is simply shutdown and deleted.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: CRM platfrom has been built with responsive design
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Our platform is a single-page application, and the frontend communicates with the backend using REST API calls.; All operations performed via the UI can be implemented through API calls in your preferred programming language.; To understand how the API works, you can trace network activity in your browser console (press F12 to open the console).; Most API functions return data in JSON format.; The REST API covers various functionalities, including CRUD operations, related records, currency rates, attachments, and more.; Authentication Methods:; The platform supports multiple authentication methods for API access:; API Key Authentication: Simple method using an API key.; HMAC Authentication: More secure method involving hashing.; Basic Authentication: Not recommended but available for regular users.; It’s advisable to create a separate API User with specific permissions for API calls.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: We provide consultancy to allow customisation of the whole platform

Scaling

• Independence of resources: Our platfrom is deployed indipendently for each customer.

Analytics

• Service usage metrics: Yes
• Metrics types: Service metrics can be provided depending upon the deployment method. Metrics include virtual machine performance, database size and alerts.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Letrium Ltd

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Other
• Other data at rest protection approach: For hosted implementation (AWS), volumes are encrypted.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The platform provides data export within its interface
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: The deployment can be cloud, hybrid cloud or on premis. Data protection is determined by the location of the platform.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Each platform is launched within its own environment.

Availability and resilience

• Guaranteed availability: Availability and resilience is determined by the deployment model specified by the client. Service levels are agreed based upon a risk/cost modele agreed with the client.
• Approach to resilience: This is available upon request
• Outage reporting: Outages are reported via a realtime dashboard and email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: OpenID Connect (OIDC)
• Access restrictions in management interfaces and support channels: In management interfaces and support channels, access is restricted through several measures to enhance security and control. These include role-based access control (RBAC), where permissions are assigned based on user roles (e.g., admin, manager, agent). RBAC ensures that only authorized personnel can perform specific actions. Additionally, multi-factor authentication (MFA) adds an extra layer of security by requiring users to provide multiple forms of identification (e.g., password and SMS code). Regular auditing and monitoring help detect unauthorised access attempts.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: OpenId Connect (OIDC)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: 02/11/2022
• What the ISO/IEC 27001 doesn’t cover: Hardware design and manufacture
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our high-level information security policy serves as a foundational document. It outlines our commitment to safeguarding data, compliance with industry standards, and the roles and responsibilities of stakeholders. This policy is regularly reviewed and shared with all staff members.; ; We adhere to the ISO 27001 standard, which provides a robust framework for managing information security. Our policies align with ISO 27001 requirements, ensuring that we follow best practices in risk assessment, controls, and continuous improvement.; ; Our approach provides clarity and ownership:; ; Information Security Officer (ISO): Oversees policy implementation.; Security Team: Implements controls and monitors compliance.; Management: Provides leadership and resources.; Staff: Follows policies and reports incidents.; Auditors: Conduct regular audits.; We employ several strategies to ensure policy compliance:; ; Training and Awareness: Regular training sessions educate staff about security policies and their importance.; Monitoring and Auditing: Internal audits verify adherence to policies.; Incident Reporting: Staff promptly report security incidents.; Continuous Improvement: We review and update policies as needed to address emerging threats.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Each client is a bespoke configuration. We typically arrange a staging environment for the client where any updates are carried out and tested, before being released to the client for their internal testing. Once approved the updates are implemented in the live environment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The platform usually sits Engine sits within the client estate and is therefore secured to the same exacting standards that the client has attained Clients Host and operate their own Integration Components so internal security protocols and architecture practices apply and the platform will fit into Client security framework.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Service Desk based Clients Host and operate their own Integration Components so internal reporting processes will apply with escalations to our Support Desk Regular Monthly / Quarterly Account Reviews held with Outage Reports and Root Cause Analysis plus prevention actions taken.
• Incident management type: Supplier-defined controls
• Incident management approach: Service Desk based Clients typically host and operate their own environment so internal reporting processes will apply with escalations to our Support Desk Regular Monthly / Quarterly Account Reviews held with Outage Reports and Root Cause Analysis plus prevention actions taken

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Spinwell have gone beyond Carbon Neutral, we are classified as being Carbon Negative offsetting 10% more Co2 than we create. Please see our statistics at https://teams.earthly.org/profile/Spinwell-Global We support the Governments Net Zero policy and have completed the PPN0621 plan (available on request) The implementation of our Work-From-Home Policy means that with less employee commuting and zero office space, we have one of the lowest Co2 outputs of any business in our field. We also work in a paperless environment and have zero business waste as well as making sure that we purchase recycled electronic goods.

  Covid-19 recovery

  Spinwell support the economy and societies recovery from COVID-19 by continuing our Work-From-Home policy(WFH). This means that we are discouraging the outbreak of fresh disease through Social Distancing and we assist with people’s recovery by supporting mental health via our BUPA Employee Assistance Hotline which is accessible to all staff 24/7. These two steps help to ease the burden on the Country’s Health and Care services. We supply CPD Level training on COVID-19 and its transmission to help with prevention.

  Tackling economic inequality

  Our WFH Policy means that people with an economic or physical disadvantage find it easier to gain employment with Spinwell. We believe in empowering our staff so we promote from within. We provide training to help people with any skills gap they may have. These are to a CPD level and are thus recognised across many industries. We work with many startups and small businesses in our supply chain, especially in the software/tech/disruptive space. This creates a diverse supply chain which also encourages startups and spreads business to SME’s like ourselves

  Equal opportunity

  Our policy of equal opportunity employment will continue to be a central tenet of our company ethos. We will use our policy of Working-From-Home (WFH) to cast as wide a geographical footprint across the country as possible, this also enables people of all abilities to work for us. We use gender bias detection software in our advertising and our working conditions are very inclusive, we train our staff to a CPD level, also helping us to tackle workforce inequality.

  Wellbeing

  Spinwell are strong believers in the mental health of our staff, we are certified to ISO 45003:2021 which concentrates on Occupational health and safety management. This means that we assess psychosocial risks to our workforce and the best ways to mitigate them. As part of our well being package we give our staff access to the BUPA Employee Assistance Hotline. Our meetings are also designed to encourage staff to feedback on any issues that may be affecting them. We also actively encourage a healthy work life balance so staff have no access to email on personal devices, we expect all leave to be utilised annually in a use-it-or-lose-it scheme, and we train staff on how to work in a healthy manner, including desk set up, identifying stress in the work place and how to work effectively in a Work-From-Home environment.

Pricing

• Price: £300 an instance a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We are happy to setup a staging environment for prospective clients.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pritesh@spinwellglobal.com. Tell them what format you need. It will help if you say what assistive technology you use.