Cantata Limited

Cantata Vantage CRM

Cantata Vantage CRM is a private cloud CRM system for organisations from as little as 15 users (typically 20-500). It is based on Microsoft Dynamics CRM and fully integrates with Outlook and Office. Vantage includes user interface improvements, data visualisation, web portals, event management, case management and more.


  • Contact management for B2C and B2B including user interface extensions
  • Case management including advanced business process management and KPIs
  • Activity tracking including e-mail/calendar integration and timeline visualisation
  • Real-time, offline and machine generated reporting and dashboards
  • Web portal functionality including logon, registration and reporting
  • Events management capabilities including self-service
  • Stakeholder management features including parliamentary, press & public affairs capabilities
  • Tagging, segmentation and flag marketing capabilities for advanced data segmentation
  • Support for multiple devices including different web browsers and mobile
  • Comprehensive, UK-based, implementation services and SLA-backed support


  • Keep track of all individual and organisation contacts
  • Effectively manage case work against SLAs and KPIs
  • Allow user and customer self-service through multiple devices
  • Comprehensively track activity across e-mail, phone, post and mobile channels
  • Personalise communication and activity to stakeholders and customers
  • Automate and manage event bookings/registrations, logistics/preferences and attendance
  • Readily see and visualise activity history/behaviour to spot trends
  • Highly customisable and personalisable to optimise business processes
  • UK-based data and system location for compliant, secure operation
  • Highly responsive support to ensure ongoing satisfaction


£99.90 per user per month

Service documents


G-Cloud 11

Service ID

5 2 6 9 8 6 9 3 4 4 7 1 9 1 0


Cantata Limited

Richard Hill

0207 898 9229

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
Minimum of 5 users; minimum of 15 users for a dedicated platform. The system is supported on most known current platforms including PC and Apple.
System requirements
  • Internet access via browser - for PC (IE, Chrome, Firefox)
  • Internet access via browser for Apple (Safari)
  • Mobile access on Android, iOS and Windows Mobile

User support

Email or online ticketing support
Email or online ticketing
Support response times
A full SLA is available providing guaranteed response times by severity of problem Monday to Friday excluding England Public Holidays.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Onsite support
Support levels
Cantata has a full SLA which is included in the per user price for our cloud service.
The SLA covers issues from urgent Priority 1 (within 30 minute response) to non-urgent requests (4 hour response).
Each client has a account manager and clear escalation path for issues.
Support available to third parties

Onboarding and offboarding

Getting started
Comprehensive implementation and training services are offered.

Our training is provided by specialist UK-based trainers within our team. We have a wealth of standard training collateral for our product which can be tailored to end user's specific training requirements.

Training can be provided on end-user's site, at our offices in London or Oxford, or online as required.

We have standard pricing for a variety of training options.
Service documentation
End-of-contract data extraction
Data can be extracted at any time using system end-user tools. Cantata will supply a full SQL backup of the system at contract end which may be used by suitably skilled professionals to transfer the date to another system.
End-of-contract process
The service and access to the system ceases. A SQL database backup of the system is provided. There are no additional costs for these services.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The browser-based system has full functionality. This is available on mobile devices. We also offer access to the system via mobile apps, which may offer a subset of functionality but have other benefits such as offline access.
Service interface
What users can and can't do using the API
For security purposes, access to the system via an API requires prior agreement, contractual agreement and auditing of the end user organisation. All documentation and support is provided after this agreement. Sandbox and test environments can be deployed on request but may incur additional costs.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Appropriately authorised system users (who are allocated security privileges to customise the system) can add, remove and relocate data fields, grids and other user interface components. They can add or remove user-specific data attributes and relationships. They can execute queries/searches on the data and generate their own dashboards and reports. Users can create and modify business processes. Where a web portal is used, aspects of the portal can be tailored. External systems can be integrated and customised.


Independence of resources
Implementations of 5 to 14 users will normally be on a shared platform but can be placed on a dedicated platform subject to payment of a platform charge.
Implementations of 15 users and above will have a dedicated platform at no additional cost and system resources are not shared with other users.


Service usage metrics
Metrics types
The system itself provides data that can be displayed in a dashboard or via reports.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
7Global wholesale hosting services; Microsoft SPLA licenced software

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
Less than once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
End user accessible tools are available (subject to security roles) to export to a variety of formats (Excel, Word, PDF etc.)
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • Excel
  • Word
  • PDF
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • Excel
  • Word

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
System is available 24/7/365 with 99.6% availability SLA. Service credits offered is SLA not met.
Approach to resilience
Available on request. Services are ISO27001 certified.
Outage reporting
Our dedicated UK support team will notify our clients of any outages they are aware of by e-mail or phone as appropriate.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
All access is password protected, with management/support access involving encrypted multi-factor authentication.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Who accredited the PCI DSS certification
PCI DSS accreditation date
What the PCI DSS doesn’t cover
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Information security is the ultimate responsibility of the COO, who reports to the Group board.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All system changes have are detailed and is stored in continually maintained release documentation. All changes to the system are thoroughly tested in development and test environments before acceptance and promotion to our live environments.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Patches to our services can be deployed immediately they are known to be available and our internal testing has assured us of their validity. We deploy standard security patches on an ongoing basis. We get information about potential threats from Microsoft, our data centre partner, general research/monitoring and in some cases notification from our customers' own security teams.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Our systems are hosted in an environment with 24/7/265 real time monitoring of all services, including systems environment polling. Any customer notified issues would be responded to with our highest priority support response.
Incident management type
Supplier-defined controls
Incident management approach
Any incidents can be reported to our UK-based support team. Progress in responding to incidents is reported on an ongoing basis from the support team, and dedicated account manager where required.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£99.90 per user per month
Discount for educational organisations
Free trial available

Service documents

Return to top ↑