CLEATA LIMITED
Cleata
Provides cloud software to enable the management of datasets to allocate records as tasks to teams and users to review, update and track completions.
Features
- Data cleansing
- Dataset collaboration
- Dashboard reporting
- Dataset review
- Data import and export
- Task driven data collaboration
- Knowledge worker data capture
- Data onboarding
- Data transformation
Benefits
- Manage data and record reviews
- Quickly allocate records in datasets to teams and users
- Simplify manual data collection and cleansing activities
- Reduce potential version control issues
- Monitor progress of data reviews and completions against targets
- Undertake data quality management for system migrations
Pricing
£199 a licence a month
- Free trial available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at Contactus@cleata.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 12
Service ID
2 6 3 1 4 8 8 3 3 5 8 7 7 4 9
Contact
CLEATA LIMITED
Brendan Tate
Telephone: 07889842417
Email: Contactus@cleata.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- Requires datasets to be imported as CSV or XLS/XLSX formats. Upgrades and functionality improvements are undertaken during 00:00 and 06:00 GMT.
- System requirements
-
- Modern browser
- Dataset in CSV or XLS/X format
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Tickets are responded to within 1 hour, support is available 7 days a week from 9am to 6pm.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- No
- Web chat support
- No
- Onsite support
- No
- Support levels
- Support on all services procured is included in the cost of the subscription to the service, there is only a single support service available, though if additional support arrangements are required these can be factored in at additional cost dependent on the individual requirements of the client. General support is available 7 days a week 9am to 6pm GMT by email/ticket
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Online training videos are available for both the administrator and the end users of the system. User guides are also available for download. Initial 30 min video training for the administrator is also available on paid plans.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- The administrator is able to export their data at any time by selecting the export option against the datasets before the contract expires. Should the client wish to export following their contract expiring, they can raise a ticket to support and we will supply the data to them, providing that the request is made before the retention policy expires.
- End-of-contract process
- The contract will expire after 30 days notice is provided by the Client at which time the clients user accounts will be frozen. The Client's portal and the data contained is kept for a period of 90 days according to our retention policy. (In case of the Client wishing to export the data following contract expiry or if the Client decides to renew their service during the 90 day window). The Client can contact us within the 90 day window following contract end to either: a) Renew access to the service. b) Request that the data is permanently deleted upon request before the 90 day window. c) Request a single export of data from their portal. Subsequent requests for export following a first request following the contract expiry may be chargeable.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Cleata works on both desktop and mobile/tablet devices, however due to the nature of the service provided it is likely that the vast majority of customers would use the service from a laptop/desktop device. The manager (administrator) has to upload the dataset to Cleata so given limitations on mobile / tablet devices it's likely this would be done on a desktop/laptop. User login is limited to form based view rather than tabular view for reviewing and updating records on a tablet/mobile device.
- Service interface
- Yes
- Description of service interface
-
The administrator has a login which provides them with the ability to load datasets and configure the setup to allocate the datasets to teams and users as well as add/amend users and teams.
The user has their own login which provides them with access to the dataset records allocated to them.
This is all done within a browser. - Accessibility standards
- None or don’t know
- Description of accessibility
- All user interaction occurs through the web browser, where possible we have adhered to usability guidelines but have not tested this with assistive technology.
- Accessibility testing
- We haven't tested with users of assistive technology.
- API
- No
- Customisation available
- Yes
- Description of customisation
- Customisations are built in for the purpose of defining what datasets go to which teams and users. Column permissions are set by the manager on a team basis, so that one team can have limited access to data in specific columns than others also working on the same dataset. Additional customisations are built as options during the dataset configuration for the manager (administrator) of Cleata. Additional customisations or requests for functionality changes are requested via support and are triaged and potentially developed into the product in a later release for all clients of Cleata.
Scaling
- Independence of resources
- Cleata has been designed with scalability as part of the development plan, with everything reviewed and checked for load testing. Cleata is hosted on elastic cloud so that as demand increases, the platform Cleata is hosted on also scales up to cope with demand so that users are not affected. Servers are hosted in a cluster to ensure failover and no loss of data or service.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Records loaded (either in total or by individual dataset) Number of users and teams (either in total or by individual dataset) Total records reviewed (either in total or by individual dataset) Total records outstanding (either in total or by individual dataset) Records reviewed/outstanding by team or user. Burndown chart of targets vs actuals if using a target complete date.
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- EU-US Privacy Shield agreement locations
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Encryption of all physical media
- Other
- Other data at rest protection approach
- Data at rest is encrypted at AES-256. Physical access control is managed by Amazon AWS and their controls apply.
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- There is an export button in the Client's console.
- Data export formats
- CSV
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- XLS
- XLSX
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Service is guaranteed at 99.5% up-time over any monthly period excluding planned outages for maintenance, upgrades and improvements. Performance metrics are shared on a monthly basis. If performance in any given monthly period does not perform at the guaranteed service level, service credits will be provided to the cost of period of downtime over and above the guaranteed service level based on the service the client has subscribed to.
- Approach to resilience
- The configuration and setup of the servers that support the Cleata system are setup in a cluster that includes support for failover of any component of the service. Components of the cluster are also split over more than one data centre, so if a data centre suffers an outage - the service will continue and no data will be lost. If a component fails, then automated tools will redeploy the failed component to ensure continuity of service.
- Outage reporting
- Outages (either planned or unplanned) are reported by email alerts to all users.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
-
The client is provided with a single account for management interfaces with a single user name and password that is setup by the client and has a strict password policy.
Support channels are open to all end users and management users only, a separate registration process is used to confirm that users appear from the same domain that the client has a registered account to. Administrative actions can only be requested by the management user. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
-
- Cyber Essentials Plus (In progress)
- Server architecture is ISO27001 certified by AWS.
Security governance
- Named board-level person responsible for service security
- No
- Security governance certified
- No
- Security governance approach
- At time of submission, we are starting Cyber Essentials Plus accreditation. We document each security incident and are developing security policies in line with the ISO accreditation process.
- Information security policies and processes
- All security incidents are flagged to the Director as the responsible party for Security for review and action. We are in the process of updating our policy documents, which include: risk log, risk reporting, risk management, IT security and operational security manual.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Cleata uses source control with documented revision history for each change.
All changes are tested, then pushed to a staging environment and verified before before deployed to a live environment.
Customers are then notified of new feature releases and the wiki site updated. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Cleata operates a threat management policy which includes regular penetration testing, plugin and server patching.
We monitor CVEs from various websites to understand potential threat and risks to our infrastructure.
All servers are hosted by AWS and security updates are done with the most of 1 week following release unless identified critical.
We virus scan all code before deployment and monitor security updates for software packages we use.
We also review syslog messages and flag user authentication errors.
Plugins and libraries used by Cleata are automatically updated. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
We employ active monitoring of the system and identifies any suspicious behaviour outside normal usage. All network, firewall and system log information is subjected to regular audit.
If a compromise was found, then immediate action is taken to remove the issue and identify any potential data breach/loss.
If required, the ICO would be informed as per GDPR requirements. - Incident management type
- Supplier-defined controls
- Incident management approach
-
We have an APM that actively monitors application performance to ensure that the system is behaving as intended.
Users can report via a ticketing system or by email.
For common issues, we provide a wiki which is frequently populated with updates and common answers to questions.
Common issues such as password resets are self service.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £199 a licence a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
-
Free tier consists of:
Maximum 1 team and 2 users
Single dataset
500 row limit.
Basic support
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at Contactus@cleata.com.
Tell them what format you need. It will help if you say what assistive technology you use.