BEYOND HOLDINGS LIMITED trading as Evouchers/Wonde

BookingSpace.com

A software solution for the effective management of resources that are used by a number of employees. Booking Space will enable a business to operate effectively where resources such as meeting rooms, vehicles, site equipment, AV Equipment, or anything that is a shared resource within your company, school or charity.

Features

• Comprehensive resource management capabilities
• Intuitive interface
• Flexibile, customisable settings

Benefits

• Enhances operational efficiency, reduce conflicts. Maximise resource utilisation
• Ensures employees have easy access to shared resources
• Cost savings through better resource utilisation and reduced downtime

£0 to £2 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@wonde.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

994462849873504

Contact

Neil Roach
+44 1638 438094
tenders@wonde.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Booking Space can extend to your office databases and calendars to ensure there is maximum efficiency to allocate and schedule shared resources such as meeting rooms, vehicles, equipment, and more.
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements: Internet Connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 24 hours Mon to Fri
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: WAVE is a web accessibility evaluation tool, that provides visual feedback about the accessibility of our web content. For more detailed design checks, Booking Space also use AXE guided (semi-automated) testing for accessibility checks of all our design changes.
• Onsite support: No
• Support levels: We offer, as standard, a dedicated phone line 08:30-17:30 (Mon - Fri) with extended out-of-hours support during peak periods such as school holidays. Additionally we provide online chat during core support hours with a dedicated team. Resources are often scaled-up during periods of increased demand. Always on services, such as 24/7 online self-help centre including FAQs, videos, downloadable PDFs, and 24/7 online support ticketing system with macro responses are used to streamline support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Booking Space provide full onboarding support and API documentation, plus an extensive support service through our in-house customer and integrations support team. Support for onboarding is managed through our team of account managers and technical account managers as well as the provision of an array of support materials.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Clients can export their data via CSV download.
• End-of-contract process: Clients will have access to the data including any voucher redemption status. Users data is anonymised in the system after is no longer needed to ensure compliance with UKGDPR.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: A more compact design is offered on mobile services. Currently the service is used as much by mobile device than desktop device, so functionality is not affected or restricted in any way.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Admin users are able to add/remove resources using the admin dashboard, to suit requirements of the business. The dashboard also gives an all resource view and current status of what is booked/reserved/in-use, and by whom.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: WAVE is a web accessibility evaluation tool, that provides visual feedback about the accessibility of our web content. For more detailed design checks, We also use AXE guided (semi-automated) testing for accessibility checks of all our design changes.
• API: Yes
• What users can and can't do using the API: The platform can connect to internal systems like calendars and resource lists to enable the seamless and up-to-date nature of the deliverable.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The very nature of the system is that it is customisable to your business; the brand, the resources, the user hierarchy etc.

Scaling

• Independence of resources: Booking Space provides a 99.95% service availability. Booking Space is a cloud-based service utilising high-spec, high-capacity, fully-flexible cloud hosting services form Amazon Web Services. Any demand peaks placed on the service automatically triggers a temporary expansion of our data processing capacity, ensuring no disruption to service users. Service levels shall be agreed by us and service credits may be available under certain conditions.

Analytics

• Service usage metrics: Yes
• Metrics types: Basic usage metrics are available via the platform, additional metrics available on request.
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Clients can export their data via CSV download, or via the Wonde API.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Booking Space provides a 99.95% service availability.; ; Booking Space is a cloud-based service utilising high-spec, high-capacity, fully-flexible cloud hosting services from Amazon Web Services. Any demand peaks placed on the service automatically triggers a temporary expansion of our data processing capacity, ensuring no disruption to service users.; ; Service levels shall be agreed by us and service credits may be available under certain conditions.
• Approach to resilience: We follow the AWS Well Architected Framework. More details of the infrastructure available on request.
• Outage reporting: Any extended/major system outages are communicated via the online dashboard and email alerts to users.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All users require a unique ID. Users can log in using SSO, or through the use of a login link sent directly to the users email. Management interfaces and Support Channel access is restricted to internal staff only and roles are in place to restrict users to only actions required for their job.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BM Trada
• ISO/IEC 27001 accreditation date: 20/10/2023
• What the ISO/IEC 27001 doesn’t cover: Our SOA excludes physical media and outsourcing development. We do not outsource development, and physical media is technically blocked within our infrastructure.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our security governance framework ensures that there are opportunities for security information, analysis, and decisions throughout the organisation at all levels. This enables us to obtain assurance that our security risks are understood, appropriately managed, and in line with business requirements.; ; We have a dedicated internal security team who are responsible for designing and implementing policies determined necessary by our risk process. Policies are approved by the appropriate board member. We have documented internal information security policies and processes that are regularly audited internally and as part of our ISO27001 certification; ; Policy compliance is enforced by technical control points where possible. We maintain a central Information Security Policy that all staff are provided with and required to read and agree to.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our configuration and change management approach utilises the policies, processes and controls stipulated under the ISO 27001 Information Security Management framework, against which we are independently audited and certified annually. We have a documented Change Control process. This process requires that changes are prioritised in terms of benefits, urgency, effort required, and potential impact on operations. Following assessment, a change control process is put in place to ensure that changes proposed are reviewed, authorised, tested, implemented, and released in a controlled manner.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Booking Space's vulnerability management approach utilises policies, processes and controls stipulated under the ISO 27001 Information Security Management framework, against which we are independently audited and certified annually. We use Amazon Inspector for all production cloud workloads. An internal Vulnerability Management process is followed to assess vulnerability findings, and report these to the relevant team for remediation. SLOs are defined for vulnerability findings, depending on the CVSS score and other contextual information. We also ingest threat intelligence data from sources such as CISA's Known Exploited Vulnerability catalogue, CISA's Weekly Vulnerability Summary, and a third party who provide threat intelligence services.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Booking Space's protective monitoring approach utilises the policies, processes and controls stipulated under the ISO 27001 Information Security Management framework, against which we are independently audited and certified annually.
• Incident management type: Supplier-defined controls
• Incident management approach: We have an internal incident management process which is communicated to all staff and provided on our company intranet, also an internal incident reporting channel, where all forms of suspected incidents are reported.; ; All incidents are then assessed by our Info Sec and Development Teams, following assessment, all incidents are assigned to an incident manager and a relevant ticket is created. Upon incident resolution, a post-mortem is held to document findings and methods to prevent future recurrence.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We demonstrate a steadfast commitment to combatting climate change and reducing carbon emissions through various initiatives. At the forefront of our efforts is the sustainable provision of goods and services, coupled with investments in low carbon digital innovation. Our commitment extends to our office infrastructure, which operates solely on renewable energy sources, while our business travel is powered by electric vehicles, effectively mitigating our carbon footprint. Moreover, we have implemented a green procurement system, collaborating with suppliers to ensure that products are sourced sustainably and are recyclable, further contributing to environmental preservation. Aligned with governmental objectives to achieve ‘Net Zero’ carbon emissions by 2050, our parent company Wonde actively pursues its own in-house Net Zero journey. A comprehensive Carbon Reduction Plan is readily accessible on all our websites, providing transparency and accountability. This plan outlines our strategies, targets, and actions to reduce carbon emissions across our operations. For detailed insights into our carbon reduction endeavours, stakeholders can access our Carbon Reduction Plan at www.wonde.com/wp-content/uploads/Wonde-Carbon-Reduction-Plan-v2023.pdf. Through these concerted efforts, we remain steadfast in our commitment to sustainability and environmental stewardship, striving to make a positive impact on the planet for future generations.

  Covid-19 recovery

  We understand that supporting impacted individuals and strengthening communities is a vital requirement for national Covid-19 recovery. Our Stakeholder Managers work directly with local communities, establishing priorities and requirements before co-developing a targeted Covid-19 Recovery Plans for review, approval and implementation. Aligned to our Sustainability Development Goals, we leverage our innovative technological capabilities to develop low cost, high impact solutions that respond to local needs, can be rapidly implemented and widely adopted.

  Tackling economic inequality

  We are dedicated to addressing economic inequality through various initiatives and collaborations aimed at empowering individuals and communities. As advocates for fair wages, we steadfastly support the National Living Wage, ensuring that our employees receive compensation that exceeds the prescribed threshold by an average of 63%. Recognising the significance of bridging the digital divide, we actively engage with local stakeholders in communities facing this challenge. Through partnerships and initiatives, we facilitate the provision of digital skills training and support, offering local competitions, workshops, and educational materials. Our involvement extends to programs such as Kickstart and NetMatters, as well as initiatives like the Cambridge Norwich Tech Corridor, where we contribute to fostering technological literacy and advancement. Our parent company Wonde actively collaborates with organisations like 'Get with the Programme,' a charity dedicated to enhancing tech education by partnering with schools and businesses to deliver enriching learning experiences for students. In our commitment to fostering inclusive employment opportunities, we offer apprenticeships and local job placements. Through partnerships with 40 local authorities and participation in government apprenticeship schemes, we actively work to improve pathways to sustainable employment, particularly for ethnic minority and disadvantaged groups. By providing apprenticeships and work experience opportunities, we aim to empower individuals with the skills and resources needed to thrive in the workforce and contribute meaningfully to their communities. We remain steadfast in our dedication to tackling economic inequality, striving to create a more equitable and inclusive society for all.

  Equal opportunity

  Our parent company Wonde implement an inclusive recruitment practice across all its companies, in line with the Public Sector Equality Duty Act, hiring employees across a broad spectrum of backgrounds and experience representing the communities and customers we work with. Wonde have a 50/50 male-female ratio, employ four military spouses as part of our Armed Forces Covenant pledge and support 10 employees requiring additional workplace adjustment. Wonde strives to create a healthy, supported workforce; with staff and client wellbeing at the heart of everything we do.

  Wellbeing

  Our parent company, Wonde, ensure the wellbeing of our clients by actively supporting, promoting and creating opportunities for social value within each contract that we undertake, regardless of geographic location. For example, our sister company Evouchers, works with Plymouth Children in Poverty (PCIP), part of the Plymouth Drake Foundation. They also deliver unclaimed food vouchers to food banks; and have already delivered thousands of these (at our expense) to local food banks across our client areas. Wonde have also run our own unique local Covid Scholars program that rewards commitment to excellence in School/Community/Sport. The wellbeing of our staff is supported by numerous employee benefits, including (but not limited to): - 4 day working week for all employees - Company sponsored wellness retreats - Private healthcare and/or dental insurance - Free on-site gym, and wellbeing room - Flexible, hybrid and remote working - Shopping vouchers - Flexible working contracts - Training options for up-skilling

Pricing

• Price: £0 to £2 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full access to all software features is included in the free trial, with no limited time period.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@wonde.com. Tell them what format you need. It will help if you say what assistive technology you use.