Cantata Limited

Cantata Vantage CRM

Cantata Vantage CRM is a private cloud CRM system for organisations from as little as 15 users (typically 20-500). It is based on Microsoft Dynamics CRM and fully integrates with Outlook and Office. Vantage includes user interface improvements, data visualisation, web portals, event management, case management and more.


  • Contact management for B2C and B2B including user interface extensions
  • Case management including advanced business process management and KPIs
  • Activity tracking including e-mail/calendar integration and timeline visualisation
  • Real-time, offline and machine generated reporting and dashboards
  • Web portal functionality including logon, registration and reporting
  • Events management capabilities including self-service
  • Stakeholder management features including parliamentary, press & public affairs capabilities
  • Tagging, segmentation and flag marketing capabilities for advanced data segmentation
  • Support for multiple devices including different web browsers and mobile
  • Comprehensive, UK-based, implementation services and SLA-backed support


  • Keep track of all individual and organisation contacts
  • Effectively manage case work against SLAs and KPIs
  • Allow user and customer self-service through multiple devices
  • Comprehensively track activity across e-mail, phone, post and mobile channels
  • Personalise communication and activity to stakeholders and customers
  • Automate and manage event bookings/registrations, logistics/preferences and attendance
  • Readily see and visualise activity history/behaviour to spot trends
  • Highly customisable and personalisable to optimise business processes
  • UK-based data and system location for compliant, secure operation
  • Highly responsive support to ensure ongoing satisfaction


£99.90 per user per month

Service documents

G-Cloud 11


Cantata Limited

Richard Hill

0207 898 9229

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Minimum of 5 users; minimum of 15 users for a dedicated platform. The system is supported on most known current platforms including PC and Apple.
System requirements
  • Internet access via browser - for PC (IE, Chrome, Firefox)
  • Internet access via browser for Apple (Safari)
  • Mobile access on Android, iOS and Windows Mobile

User support

User support
Email or online ticketing support Email or online ticketing
Support response times A full SLA is available providing guaranteed response times by severity of problem Monday to Friday excluding England Public Holidays.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Cantata has a full SLA which is included in the per user price for our cloud service.
The SLA covers issues from urgent Priority 1 (within 30 minute response) to non-urgent requests (4 hour response).
Each client has a account manager and clear escalation path for issues.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Comprehensive implementation and training services are offered.

Our training is provided by specialist UK-based trainers within our team. We have a wealth of standard training collateral for our product which can be tailored to end user's specific training requirements.

Training can be provided on end-user's site, at our offices in London or Oxford, or online as required.

We have standard pricing for a variety of training options.
Service documentation No
End-of-contract data extraction Data can be extracted at any time using system end-user tools. Cantata will supply a full SQL backup of the system at contract end which may be used by suitably skilled professionals to transfer the date to another system.
End-of-contract process The service and access to the system ceases. A SQL database backup of the system is provided. There are no additional costs for these services.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The browser-based system has full functionality. This is available on mobile devices. We also offer access to the system via mobile apps, which may offer a subset of functionality but have other benefits such as offline access.
Service interface No
What users can and can't do using the API For security purposes, access to the system via an API requires prior agreement, contractual agreement and auditing of the end user organisation. All documentation and support is provided after this agreement. Sandbox and test environments can be deployed on request but may incur additional costs.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Appropriately authorised system users (who are allocated security privileges to customise the system) can add, remove and relocate data fields, grids and other user interface components. They can add or remove user-specific data attributes and relationships. They can execute queries/searches on the data and generate their own dashboards and reports. Users can create and modify business processes. Where a web portal is used, aspects of the portal can be tailored. External systems can be integrated and customised.


Independence of resources Implementations of 5 to 14 users will normally be on a shared platform but can be placed on a dedicated platform subject to payment of a platform charge.
Implementations of 15 users and above will have a dedicated platform at no additional cost and system resources are not shared with other users.


Service usage metrics Yes
Metrics types The system itself provides data that can be displayed in a dashboard or via reports.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold 7Global wholesale hosting services; Microsoft SPLA licenced software

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach End user accessible tools are available (subject to security roles) to export to a variety of formats (Excel, Word, PDF etc.)
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • Excel
  • Word
  • PDF
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • Excel
  • Word

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability System is available 24/7/365 with 99.6% availability SLA. Service credits offered is SLA not met.
Approach to resilience Available on request. Services are ISO27001 certified.
Outage reporting Our dedicated UK support team will notify our clients of any outages they are aware of by e-mail or phone as appropriate.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels All access is password protected, with management/support access involving encrypted multi-factor authentication.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 12/3/14
What the ISO/IEC 27001 doesn’t cover TBA
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification TBA
PCI DSS accreditation date TBA
What the PCI DSS doesn’t cover TBA
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Information security is the ultimate responsibility of the COO, who reports to the Group board.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All system changes have are detailed and is stored in continually maintained release documentation. All changes to the system are thoroughly tested in development and test environments before acceptance and promotion to our live environments.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Patches to our services can be deployed immediately they are known to be available and our internal testing has assured us of their validity. We deploy standard security patches on an ongoing basis. We get information about potential threats from Microsoft, our data centre partner, general research/monitoring and in some cases notification from our customers' own security teams.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Our systems are hosted in an environment with 24/7/265 real time monitoring of all services, including systems environment polling. Any customer notified issues would be responded to with our highest priority support response.
Incident management type Supplier-defined controls
Incident management approach Any incidents can be reported to our UK-based support team. Progress in responding to incidents is reported on an ongoing basis from the support team, and dedicated account manager where required.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £99.90 per user per month
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Terms and conditions
Service documents
Return to top ↑