Hostcomm Limited

AI Chatbot and Voicebot Virtual Agent

AI chatbot and voice virtual agent able to 24/7 handle FAQs, problem solving, negotiation, and sales; it is installable on a website or any social media platform. It offers an on-premise hosting option, code-free setup, deeper customisation functionality, intuitive in-window authentication, and a personality engine.


  • Natural language chatbot with both voice and messaging interaction
  • Chatbot code-free conversation builder
  • Chatbot in-window authentication
  • Traffic light warning system enabling live agent takeover
  • Chatbot independent platform
  • Customisable personality engine
  • Phone bot IVR with TTS and STT
  • CRM Integration using API
  • Machine learning chatbot using Tensorflow
  • Live web site monitoring


  • Engage your customers 24/7, reduce costs and unify brand messaging.
  • Quickly and cheaply create, update, and finetune your chatbot’s conversations
  • Lower sign-up friction with in-window authentication
  • Combine strengths of human and virtual agents
  • Reduced platform service costs, and easier maintenance and project planning
  • Small talk creates closer, personal connections with your customers
  • AI IVR customers can get quicker and more sophisticated answers.
  • Seamlessly sync data between our platform and your CRM.
  • Benefit from less time updating and finetuning conversations
  • Track customers and engage to improve conversion rates


£5.00 per user

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

3 3 8 5 5 2 2 6 5 0 5 2 6 6 5


Hostcomm Limited

Chris Key

0203 326 8143

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Private cloud
  • Hybrid cloud
Service constraints No
System requirements
  • User PC with Windows, 2 CPUs, 2GB RAM
  • Headphones
  • Softphone or SIP handset

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Our average response time to a questions is 17 minutes during week days. Over the weekend the average response time is 80 minutes.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AAA
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 AA or EN 301 549
Web chat accessibility testing Hostcomm uses Microsoft's Access Insights for Chrome & Edge testing. It also uses Google Cloud Speech (TTS & STT) to convert chat dialogues into audible speech using a standard browser for people with hearing disabilities. Demonstrations of this are available.

Accessibility Insights for Web is an extension for Chrome and Microsoft Edge Insider that helps developers find and fix accessibility issues in web apps and sites.
Onsite support Yes, at extra cost
Support levels Severity 1 (Critical Service Incident) - Within 15 mins
Severity 2 (Critical Service Incident) - Within 30 mins
Severity 3 (Non-Critical Service Incident) - Within 1hr
Severity 4 (Minor Support Request)

Our service includes unlimited telephone technical support and access to our automated ticketing system. You will receive an average response time of 17 minutes to a ticketed question and will wait an average of 2 mins for a technical support call. You will have a dedicated account manager and technical engineer.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Training is provided at our training centre in Leicester, through online training classes and onsite as well. Full documentation including quick start guides and manuals are also made available. We also provide online chatbots to answer questions 24X7.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction They can download their data via VPN / TLS 1.2 or Hostcomm can provide their data via a USB drive and secure courier.
End-of-contract process The client is using a cloud service so termination is very easy, there is no need for a site visit. Data retrieval is the main issue, hostcomm charges if the client wants a USB drive with their call recordings and database backup.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Just the layout which adjusts automatically.
Service interface Yes
Description of service interface The administration and agent service interfaces can be used with any browser without the need to download an application or module.
Accessibility standards WCAG 2.1 AAA
Accessibility testing The system incorporates a chatbot for self service provision which can convert speech to text and text to speech. This means a user of the chatbot can hear the chatbot and speak to it without needing to see it. Even basic live chat text can be converted to speech using a Chrome browser. The live chat and chatbot interface has been tested for enlargement of text through Chrome and Firefox.
What users can and can't do using the API The web API can be used to control functionality on the contact centre with a simple https web request to pass parameters to the API script.
Further information is available upon request.
API documentation Yes
API documentation formats
  • HTML
  • ODF
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Administrators can change the colours and logo of the admin and agent interfaces. We can also provide a more advanced customisation of the web interface if required.


Independence of resources Users will have a dedicated server or will be allocated dedicated VPS resource.


Service usage metrics Yes
Metrics types There are hundreds of reports which cover metrics such as agent performance, server loading, user access, admin change log, SLAs, client wait times, KPI achievements. These reports are customisable.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Other
Other data at rest protection approach The service is hosted on Amazon AWS, Hostcomm follows PCI DSS process, data encryption, access control, firewalls, permission based logins.
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported via a .csv file or MySQL export which can be scheduled to run each day. The service also includes a secure call recording export tool and GDPR data removal facility.
Data export formats
  • CSV
  • Other
Other data export formats Mysql
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Service Availability Guarantees 99.99%.

If in any one (1) month Hostcomm does not meet its service availability guarantees, the Customer will be entitled to receive credit. Further details available on request.
Approach to resilience Data on Amazon AWS is stored using S3 or EC2 services which have fault tolerance built in such as multiple availability zones where data and applications can be replicated.
Outage reporting Email alerts and via a portal announcement service.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication Firewall filtering on IP address
Access restrictions in management interfaces and support channels Firewall filtering on IP address, VPN, Strong passwords, 2FA
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Description of management access authentication Firewall filtering on IP address

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Alcumus ISOQAR
ISO/IEC 27001 accreditation date 01/03/2019
What the ISO/IEC 27001 doesn’t cover Our data centre provider, iomart Group PLC, is certified.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification 3B Data Security
PCI DSS accreditation date 24/04/2019
What the PCI DSS doesn’t cover Service Provider Level 1 is what is covered.
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards Hostcomm is a PCI DSS Level 1 Service Provider
Information security policies and processes PCI DSS

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Hostcomm uses a web based change management system which is part of our helpdesk system (FreshService) Change control applications are forced for PCI DSS cases and reason, risk, impact, rollback plan are all assessed and logged. There is an approval board which has to sign off changes based on the request. Changes to software applications are approved by a second developer.Lifetime tracking is achieved through a combination of the helpdesk system and GitHub.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Hostcomm performs vulnerability scanning every 3 months in line with PCI DSS compliance. The scanning software is updated with new threats by the vendor. Updates and patches are implemented overnight if critical or as soon as is reasonable if medium or low categories.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Hostcomm uses an Intrusion Detection System which identifies compromises using "agents" deployed on all network assets. When one is found an alert is posted on the technical support dashboard and an email is sent to the Technical Support Manager and Security Officer and a incident ticket is raised. The client is informed immediately if applicable, Hostcomm then follows PCI DSS procedure for remedial actions.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incidents are logged using our helpdesk ticketing system. We follow PCI DSS Policy and Procedure which is reviewed and updated. We carry out quarterly internal/external scans on our systems in the PCI DSS environment. Security Information and Events Management system (SIEM) monitors the systems in the PCI DSS environment which logs events and warns us on important events which our information security officer investigates.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £5.00 per user
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Full access to standard features for a One month trial.

Service documents

Return to top ↑