Netcall CallMeBack™ is a web callback solution that easily and rapidly connects voice calls for customers on the Web with contact centre agents. CallMeBack can be deployed on devices including Webpages, Mobile Applications, Kiosks, and Smart TVs. The solution is easily deployed and requires minimal changes to systems and processes.
- API implementation using simple HTML code
- No limit to the number of deployed interfaces
- Customisable attributes
- Customer and user service notifications
- Unique "Agent first" callback procedure
- Whisper of contextual information to agents before connecting calls
- Real time Call Board dashboard
- Comprehensive historical graphical reports
- Ability to download reporting information
- Simple to use Administration Interface
- Full user configuration to implement operational requirements in real-time
- Widely deployed as SaaS for more than 15 years
- Audit service performance through full web reporting capabilities
- Simple charging structure
- Compliance with Ofcom regulations using Agent-first callback procedure
- Rapid implementation
- Simple for your customers to use
- Easy to modify for different devices or Web pages
- No changes to agent call handling equipment or processes
- Contextual information aids agents callback handling
£1.20 per transaction
Netcall Telecom Limited
0330 333 6100
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||Netcall Liberty Cloud offers a complete suite of customer engagement software, CallMeBack can be used as standalone or as an add-on to following Netcall applications: Liberty ContactCentre, Liberty IVR Liberty, QueueBuster, MATS accelerator and Patient Hub|
|Cloud deployment model||Private cloud|
|Service constraints||The service is subject to planned maintenance which will be notified in advance.|
|System requirements||Web Browser|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Response times are;
- Initial response is 90 minutes
- Priority 1 is 3 contract hours for fix/workaround.
- Priority 2 is 6 contract hours for fix/workaround.
- Priority 3 is 12 contract hours for fix/workaround.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
We will provide a Standard level of support which will be included within the cost. This includes access by telephone or email to the remote support teams during contracted hours.
A technical account manager will be provided.
Comprehensive Support (24/7) can be added and is a 10% uplift of of the minimum monthly licence.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Netcall will provide project management, engineering, and training support for the initial configuration of the Liberty CallMeBack. In addition onsite or online training will be provided to enable the customer to self-manage the service. Documentation regarding implementation and configuration of Liberty CallMeBack will also be provided. This includes Online Help which is provided within the Liberty User Interface.|
|End-of-contract data extraction||
All customer data is available in reports accessed through a web interface.
Users will extract data by manually downloading data in a CSV file format.
All CallMeBack reports will enable the ability to download data using a definable date range.
|End-of-contract process||At the end of the contract Netcall will cease the service which will prevent the receiving and making of calls. All data stored including backups will be securely deleted using industry standard best practise methods.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||No|
|Accessibility standards||None or don’t know|
|Description of accessibility||
CallMeBack forms are built by the user and as such will be subject to the Users accessibility standards.
User administration is via a browser interface and accessibility would be provided by software controlled by the users' PC
|Description of customisation||Users have full access to customise the CallMeBack service. There is no limit to the number of CallMeBack interfaces and queues that can be defined. Changes are made in real-time and configuration includes: Interface Settings - The definition of each interface - Attributes, Agent Announcements, User and Customer, Routing Rules, and API Settings Queue Settings - The definition of the call back - Queue/Answer Timeouts, Queue Capacity, Phonebook, Timeplan, Retry and Rescheduling Settings, CLI to present, Allowed Numbers, Offline and Online Capacities Customisation is made by users via the Liberty browser based administration interface. Access is controlled by the users’ assigned roles and permissions. Changes are audited including time, date and user stamps. Full training and documentation on the administration interface will be provided.|
|Independence of resources||The user will be provided with sufficient resources to process requests to the CallMeBack service. This is based on Netcall enabling the correct telephony resource to manage the maximum licensed concurrency of the service.|
|Service usage metrics||Yes|
CallMeBack provides a range of real time and historical graphical reports. This includes:
Callboard - Real time dashboard displaying key usage metrics and enabling call tracking
Historical Reports - Queue Summary, Detailed History, Service Level, Successful Callbacks, Post Call Options, Daily Summary Graph, Call Timings Graph, Queue Capacity Usage Graph
Reports can be filtered to provide the defined details, this includes the data range of the report, the specific callback queue(s), and the report view.
Reports can be viewed graphically, downloaded to csv manually, or automated daily emailed csv extract of the Call History, Detailed History, and SLA data.
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Supplier-defined controls|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||
Users can extract data by manually downloading data in a CSV file format. All CallMeBack reports will enable the ability to download data using a definable date range.
If required, the CallMeBack reports can be automatically exported by a scheduled service. This creates the following CallMeBack reports at 02:30 every day:
• Call History
• Detailed History
Users can subscribe to receive these reports by email, assuming they have the correct CallBack report permission created.
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
|Other protection within supplier network||Static data is securely protected behind a series of firewalls/access control lists and 2 factor end user authentication plus anti virus and native monitoring tools.|
Availability and resilience
|Guaranteed availability||Netcall’s Service will achieve the below Service Level Availability (SLA). If it does not the Customer’s sole remedy is payment of Service Credits. The SLA = 99.5% in any calendar month. Downtime is a period during which the services are unavailable resulting in all users being unable to use all aspects of the service. Downtime does not include time when the services are unavailable as a result of planned maintenance, or problems with related equipment, services, software or other components not supplied by Netcall as part of the services. Core Hours: 0700 to 1900 hours, Monday to Friday, excluding English Public and Bank holidays. If the Actual Service Level (ASL) achieved falls below the SLA a Service Credit is due calculated as: the total number of hours during the Core Hours in the relevant calendar month minus the total number of hours of Downtime during the Core Hours in the relevant calendar month, divided by the total number of hours in Core Hours in the relevant calendar month, with the resulting fraction expressed as a percentage. If ASL falls below 99.5% the Credit is 10% of the Monthly Fee, which can be claimed by request in writing to Netcall.|
|Approach to resilience||
Netcall CallMeBack utilises a high-availability clustered database that is at two geographically diverse sites. Offsite backups are made on a daily basis.
Use of multiple sites and multiple PSTN and Internet connections with multiple vendors helps ensure business continuity.
All Netcall’s Cloud Services are operated across multiple data centres. Backups of Customer data are taken on a daily basis and stored securely and in an encrypted state off site in an alternate data centre.
The hosted environment within each data centre is virtualised on high availability, highly resilient hosts which minimises downtime through individual host component failure.
Full details can be provided on request.
|Outage reporting||Netcall’s Cloud systems and services are proactively monitored for availability and system health by the event management process. System events and alerts of threshold breaches are detected by Netcall’s system management tools and these alert our Customer Support team of state changes, including service outages in any of Netcall Cloud service offerings. Within 30 minutes of detection, Customer Support are responsible for informing service affecting outages to customers and these are tailored to match the business needs of the customer. The form of the communication can be either email or telephone to the customer’s service desk or preferred service contacts. The alert to the customer contains information on which service has failed, the likely effect it will have on customers IT service along with reference information for follow up. Netcall Customer Support then maintain regular updates to affected customers on the expected service restore time until de-escalation.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Liberty Cloud applications including CallMeBack uses assigned roles and permissions to control user access. Liberty Cloud applications are accessed via a browser based user interface, on sign on the assigned roles and permissions are applied.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Alcumus|
|ISO/IEC 27001 accreditation date||17/11/2017|
|What the ISO/IEC 27001 doesn’t cover||Netcall's ISO 27001 is certified around the protection of the Confidentiality Integrity and Availability (CIA) of data assets for all platforms, products, services and suppliers relating to the processing of data. The governance also extends to the premises where the assets are hosted. The Statement of Applicability is a comprehensive scope that takes almost a week of onsite auditing by an external auditor working closely with the critical teams from Operations (including Info Sec) the business and other stakeholders such as the client , data centre managers etc. The Netcall process owners also include the facilities, legal and finance teams. Therefore ISO27001 will only exclude policies, controls and components that are not explicitly defined within the scope of the Statement of Applicability published for Netcall. The priority will always be to protect the CIA of the client data as per the Netcall solution and product design proposed to and contractually accepted by the client. So the actual likelihood of any risks remaining unmanaged/missed through the comprehensive scope of controls in the SOA is low.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Who accredited the PCI DSS certification||NCC|
|PCI DSS accreditation date||11/2017|
|What the PCI DSS doesn’t cover||Comment|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||
|Other security governance standards||It is also accredited to the NHS IG Toolkit, Cyber Essentials+, and also PCI /PA DSS compliant.|
|Information security policies and processes||All Information Security Policies and processes are documented and audited into the ISO27001:2013 Info Sec Statement of Applicability. It lists the Netcall controls, policies and work instructions documented and recorded for the standard. They were reviewed as part of the external Audit in June and November 2017 and deemed compliant. The SOA in PDF form can be shared on request. All process owners are internally and externally audit for compliance with the policies set out in the SOA and listed below. • Quality Policy. • Security Guiding Principles. • Information Security Policy. • Clear Desk Policy. • Keyholder Policy. • Access Control Policy. • Information Classification Policy. • Data Protection Policy. • Network Access Control Policy. • Information Exchange Policy. • Password Policy. • Cryptographic Policy. • External Parties Access Control Policy. All the policies are reviewed throughout the year and recorded in the Audit Calendar.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Netcall's Change Management processes are audited under the ISO27001:2013 Info Sec standard. The statement of applicability for the standard can be shared.
No change will be permitted unless it has been approved by the relevant authority at Netcall against the relevant tracker ticket.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Netcall's compliance involves running external and internal vulnerability scans as part of our vulnerability management system to support the vulnerability management and internal patching process. Escalations are through our tracker system as part of the Risk Assessment/Vulnerability Management Process. These scans form evidence used to our InfoSec accreditations. The scanning vulnerabilities are prioritised within the reports, fed into the tracked Risk Assessment and resolution Process, reviewed by Netcalls' Operations and relevant process/risk owner for resolution. Where necessary threat control and corrections/prevention tickets are raised and linked to the original vulnerability to audit the fix and risk.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Netcall manages and controls compromises to the Confidentiality Integrity and Availability of Information Assets through its Incident Management System, Control and ownership is centralised yet overseen with stakeholders. The process is ISO 27001:2013 compliant linking risks to treatments and SLAs. Compromises are monitored, tracked, recorded in a number of ways: being raised by customer/production support calls, via the account managers, after changes, risk reviews, actual security incidents, picked up via IDS/IPS systems or event identification. The owner is the Information Security Manager working with the respective Process Owners and impacted stakeholders to resolve any compromises and apply preventative actions.|
|Incident management type||Supplier-defined controls|
|Incident management approach||Netcall uses native and licensed software to manage risks and is ISO 27001:2013 compliant for Incident Management. It is tracker based linking risks, assessments into corrective and preventative processes. Compromises are recorded after changes, risk reviews, security incidents, event identification or in worst case scenarios invoking the Business Continuity Plan. The owner is the Information Security Manager working with the respective Process Owners and impacted stakeholders to identify, contain and resolve an incident using Tracker to prioritise, tailor and make the risk progress visible to stakeholders.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||Yes|
|Connected networks||New NHS Network (N3)|
|Price||£1.20 per transaction|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|