Texthelp Ltd

Browsealoud for Public Access Computers (PAC)

Public libraries bring great value to their communities - offering access to online services and resources through public access technology. BrowseAloud PAC is software which adds speech, reading, and translation to websites on these computers facilitating access and participation for people with Dyslexia, Low Literacy, and mild visual impairments.

Features

  • Text-to-Speech: improves comprehension and understanding
  • Spoken & Written Translation: translates webpages and speaks translations aloud
  • Text Magnification: allows users to access even the smallest text
  • MP3 Generation: text can be saved and listened to later
  • Screen Mask: blocks distractions on screen allowing users to focus
  • Webpage Simplifier: removes clutter from screen, such as adverts

Benefits

  • Expand your website’s appeal to a wider audience
  • Help more people browse, buy and access your services online
  • Comply with legal obligations for website accessibility
  • Give confidence to site visitors who lack digital skills
  • Extend your website’s appeal to non-native speakers in other languages
  • Demonstrate greater social responsibility
  • Make content easily accessible

Pricing

£4,995.00 to £29,995 a licence a year

Service documents

Framework

G-Cloud 12

Service ID

2 8 3 4 6 4 5 8 4 9 4 1 1 0 1

Contact

Texthelp Ltd Louise McQuillan
Telephone: 02894428105
Email: l.mcquillan@texthelp.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
No
System requirements
  • PC: Chrome (latest release)
  • Mac: Chrome (latest release)
  • Chromebook: Latest release

User support

Email or online ticketing support
Email or online ticketing
Support response times
Our KPI is to respond in 24 hours, excluding weekends
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
We offer free Technical Support via phone or email for all our products. There is no difference in our support for different products. We do not offer technical account managers or support engineers.
Support available to third parties
No

Onboarding and offboarding

Getting started
Once onboard, customers are provided with a Browsealoud PAC installation instructions:
Customers are also assigned an account manager whose responsibility it is to ensure the Browsealoud PAC integration runs smoothly and the customer receives all the necessary support and training throughout their integration and subscription period. Account managers can also provide a short online webinar to take the customer through the features and benefits of Browsealoud PAC.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
On request Texthelp will return or destroy all customer data.
End-of-contract process
The price stated in the contract is the final price for the term of the contract. No other charges apply.

Using the service

Web browser interface
Yes
Supported browsers
Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
No
Customisation available
No

Scaling

Independence of resources
Speech services are load balanced, and spread across multiple geographic locations. Servers scale up to meet demand, CDN with scalable file storage is used for static content.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
There is no user data to export from the products. Capita's billing and contact info can be deleted on request after termination of the contract.
Data export formats
Other
Other data export formats
There is no data to export.
Data import formats
Other
Other data import formats
Not applicable.

Data-in-transit protection

Data protection between buyer and supplier networks
Other
Other protection between networks
All server communications are encrypted
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.99% uptime in any calendar month. Credits are applied to customer accounts where this target is not met.
Approach to resilience
A Secure Development Policy enforces security to be designed into the product. Vulnerability scanning is performed on all files. Services are hosted by Google, Amazon AWS and Sugar CRM all of which guarantee uptime. Other information may be available on request.
Outage reporting
Monitors and Scheduled automated tests running twice per day. Automatic notifications are sent by both monitors and automated tests if results are not as expected.

Identity and authentication

User authentication needed
No
Access restrictions in management interfaces and support channels
Access Control Policy
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Standards Institute (BSI)
ISO/IEC 27001 accreditation date
09/08/2018
What the ISO/IEC 27001 doesn’t cover
There are no exclusions contained within our statement of applicability. As above, the company has been certified, by BSI, to ISO 27001. The certification is not product specific but covers the security posture of Texthelp Ltd & Texthelp Inc that are both in the scope of the certification. Texthelp PTY is not currently in scope but employees there are required to comply with the same policies.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Texthelp has a number of security policies satisfying the requirements of ISO 27001. Information Security Policy, Access Control Policy, Acceptable Use Policy, Mobile and Teleworking Policy, Secure Development Policy, Infrastructure Hardening Policy, Network Security Policy, Business Continuity and Disaster Recovery Plans.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Texthelp operates an Agile methodology. At the beginning of each agile sprint any security implications of changes we plan are considered and suitable mitigating actions are taken. Any changes that may impact the confidentiality, integrity or availability of Texthelp’s data or of the personal data of interested parties held by Texthelp must be thoroughly planned, preferably in isolation, prior to the changes being made. Risk assessment as defined in the company's Quality/ISMS Manual shall be carried out when changes are planned. Risks will be identified and recorded in The Risk Register and a treatment plan will be defined and implemented.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Texthelp's approach involves ensuring we identify, assess, and remediate information technology (IT) vulnerabilities, weaknesses, or exposures in IT resources or processes that may lead to a security or business risk. Our policy identifies Texthelp’s vulnerability management practice which includes the roles and responsibility of staff, the vulnerability management process and procedures followed, and risk assessment and prioritisation of vulnerabilities. Security vulnerability scanning technologies Whitesource and Tenable are used to assess our services and to identify potential threats.

How quickly the company deploys patches depends on the threat to a particular service. Any threats will be evaluated, prioritised and actioned accordingly.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The quality assurance department manage a suite of in-house automated tests that monitor the integrity of the company's services on a twice daily schedule. A test fail resulting from evidence of a breach will result in the service automatically being taken offline immediately. For any test fail senior project management staff are automatically notified by email so immediate action can be taken where necessary. 24/7 cover is provided for this.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
‘Notification List' of customers that are to be notified is created. Identification of the Data Entity that was compromised.
The corresponding Products that use this Data Entity are identified, and for each product that is impacted:
A List of customers, Technical Contacts and Data Security Contacts at those accounts will be added to the Notification List.
Data Security Incident Response document is created.
Customers on the Notification List are made aware of:
Extent of incident
If personal data was accessed
Steps taken to mitigate the impact and to prevent recurrence.
Downtime/Security Event logged using guidance in the Information Security Policy.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£4,995.00 to £29,995 a licence a year
Discount for educational organisations
No
Free trial available
No

Service documents