Reach-Data Ltd

Council & Local Authority SMS Service

We offer a dedicated inbound / outbound SMS service specifically aimed at Councils and Local Authorities. All services are housed in UK data centres using dedicated infrastructure and direct connectivity with the mobile networks. We are ISO 27001 accredited with a suitably scoped ISMS covering all services.


  • Industry standard API's for direct integration
  • Carrier grade infrastructure
  • Tier 1 direct UK routing
  • Completely cloud based
  • High performance
  • Secure (SSL) connectivity
  • ISO 27001:2013 Accredited (UKAS)
  • 2-way SMS
  • Real-time reporting
  • Global coverage


  • Cloud based and accessible from multiple platforms
  • Full traceability with integral delivery reports
  • Optimised for access from mobile devices
  • Connections to multiple networks ensuring no single point of failure
  • UK based data centre's
  • Flexible and transparent pricing
  • Simple onboarding and offboarding process
  • 24/7 Service and support
  • Dedicated account manager


£0.016 per unit

  • Free trial available

Service documents

G-Cloud 9


Reach-Data Ltd

Andrew Cook

01923 618065

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints No
System requirements
  • Internet access
  • PC, Mac or mobile device to access the platform
  • Modern web browser with HTML5 support

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Monday to Friday

Office Hours: 09:00 – 18:00
Response: 1 Hour

Evening: 18:00 – 22:00
Response: 1-2 Hours

Night: 22:00 – 09:00
Email accounts will be monitored on a "Best Endeavour" basis directed to the observance of critical issues.

Weekends and English Bank Holidays

Daytime: 10:00 – 16:00
Response: 2 Hours

Evening, Night: 16:00 – 00:00 and 00:00 – 10:00
Email accounts will be monitored on a "Best Endeavour" basis directed to the observance of critical issues.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Monday to Friday

Office Hours: 09:00 – 18:00
All issues will be routed to the appropriate staff immediately with an initial response within 1 hour.

Evening: 18:00 – 22:00
All issues will be routed to the appropriate staff with an initial response within 1 - 2 hours.

Night: 22:00 – 09:00
Email accounts will be monitored on a "Best Endeavour" basis directed to the observance of critical issues affecting more than one or all clients.

Weekends and English Bank Holidays

Daytime: 10:00 – 16:00
All issues will be routed to the appropriate staff with initial response within 2 hours.

Evening, Night: 16:00 – 00:00 and 00:00 – 10:00
Email accounts will be monitored on a "Best Endeavour" basis directed to the observance of critical issues affecting more than one or all clients.

There are no additional costs associated with the above support levels.

A dedicated account manager is also available as an escalation point if issues are encountered.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide online training as well as user documentation of our platform and services. Onsite training is also available and can be discussed during the onboarding process.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction All data can be extracted through our online platform within the reporting section. This includes a record of all messages sent throughout the life of the contract and is available in CSV format.
End-of-contract process There are no additional costs associated with the extraction of data at the end of the contract. The users account is deactivated after they have extracted the data and they stop using the service.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service All features of the platform are available to use on both mobile and desktop browsers.
Accessibility standards WCAG 2.0 A
Accessibility testing The platform has been tested using the following accessibility applications:

JAWS, Dragon, Supernova, Zoomtext
What users can and can't do using the API Access to the API is provided as soon as a user signs up for an account on our platform. The API is used to submit messages directly through our gateway without any limitations.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available No


Independence of resources All services are mirrored between UK data centres with automatic fail over and load balancing. The automatic load balancing ensures that 1 user / client does not impact another.


Service usage metrics No


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach All data can be exported in CSV format though our online, web platform within the Reporting page.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability All our operational servers are dual processor blade servers running in a controlled environment with redundant power supplies.

Service Uptime
Main Site
99.96% uptime with provision of full service since January 2009

Backup Site
99.92% uptime with provision of full service since January 2009

Combined Provision (no overlap)

As standard, we don't give service credits in the event that service levels are not met. This can be discussed as part of the onboarding / contract negotiations.
Approach to resilience We operate a multi-layer approach using multiple UK data centres to ensure no single point of failure. In the event of a failure at one of our sites, we automatically switch to another site, ensuring no interruption to our services.

We also maintain connections to all UK mobile network operators. In the event of a critical network failure, messages are routed through an alternative operator to ensure services are not interrupted. A fully documented Disaster Recovery Plan details backup and contingency processes.
Outage reporting We notify clients by email in the event of an outage.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels All access is controlled by username / password controls. We specify a minimum criteria for password length and complexity.
Access restriction testing frequency At least once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Certification International (UKAS)
ISO/IEC 27001 accreditation date 18/04/2013
What the ISO/IEC 27001 doesn’t cover All services are covered.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We follow the following information security policies / procedures in line with our ISO 27001 certification:

Information Security Policy
Business Information Policy
Access Control Policy
Teleworking Policy
Clear Desk Policy
Back Up & Redundancy Policy
Supplier Security Policy
Secure System Engineering Principles Policy
Information Security Management
Asset & Information Management
Human Resources
Physical Security
Communications & Operations
Access Control
Systems & Processing
Incident Management
Business Continuity Management
Compliance & Conformance

We ensure policies are followed through our internal auditing processes and any issues / non-compliance are reported to the MD / Information Security Manager.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All changes to system hardware, software or other applications must be authorised (MD)
All version updates should be risk assessed and tested if deemed necessary by ISM/MD
Any over-ride of this “Change Management” procedure must be authorised (MD)
All changes must be first risk assessed and tested before full implementation
All testing must be carried out in a separate and controlled environment
Vulnerability management type Supplier-defined controls
Vulnerability management approach All services are tested in a separate dedicated UAT environment before being pushed into the live environment. All applications / systems for message processing are designed and built in house. We deploy patches in a timely manner after testing the deployment in our UAT environment.
Protective monitoring type Supplier-defined controls
Protective monitoring approach All systems are proactively monitored, including access logs and firewall logs to identify any potential breaches in security.
Incident management type Supplier-defined controls
Incident management approach The Information Security Manager must be PROMPTLY informed of the (potential) incident
The Incident must be PROMPTLY reported to the Information Security Manager in writing
The Incident must be LOGGED by the Information Security Manager
The Incident must be ANALYSED by The Information Security Manager
The MD and the ISM must ensure there is learning and appropriate action
Details of all Incident records must be maintained (incl. dates, times, parties involved etc.)
The ISMS ensures that all Incidents are brought to the attention of the MD.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £0.016 per unit
Discount for educational organisations No
Free trial available Yes
Description of free trial Full functionality is provided, along with a limited number of free SMS credits. There is no time limit.


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑