Web Chat

Chat allows you to offer real-time chat assistance to your website visitors. Your agents can chat , push urls and co-browse both reactively and pro-actively too. It is quick, efficient, customer friendly and what customers want.


  • • Text chat instantly with your customers
  • • Real time engagement
  • PCI compliant for payments in chat
  • • Operates via one line of JavaScript - Light touch
  • • Page Share and full Co-Browse
  • • One or two way Video option
  • • Fully customisable by client
  • • Full Library and push URL
  • • Canned responses automatically filled in
  • • Full back office of insights and analytics


  • Increases online sales
  • Handle multiple customers at one time
  • Enhances Customer care
  • Channel shift possibility


£85 per unit per month

Service documents


G-Cloud 11

Service ID

6 1 2 4 3 1 0 6 8 6 9 8 4 9 8



Louisa Seymour

07825 219705

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to All other services
Cloud deployment model Private cloud
Service constraints None that aren't browser related (such as using old browser versions).
System requirements
  • Windows 7 or above
  • Mac OSX 10.8 or above
  • IE9 or above.
  • Google Chrome (30 or above).
  • Mozilla Firefox (27 or above).
  • Opera (22 or above).
  • Safari (6 or above).

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times do not change at the weekends. Response times differ on the error severity for example: Serious (24/7 Support) - 1 hour Service Affecting - 4 Business Hours Minor - 48 Business Hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Cover 1 - Charged at 5% of annual service cost, payable in advance
Monday to Friday 09.00 – 18.00, excluding UK public holidays to include help desk telephone support providing user assistance and fault reporting, and resolution within SLA.
Cover 2 – Charged at 8% of annual service cost, payable in advance
Monday to Saturday 09.00 – 18.00 excluding UK public holidays to include help desk telephone support providing user assistance and fault reporting and resolution within SLA.
Cover 3 – Charged at 10% of annual service cost, payable in advance
Monday to Saturday 24 hour a day (24/6) to include help desk telephone support providing user assistance and fault reporting and resolution within SLA.
Cover 4 – Charged at 15% of annual service cost, payable in advance
Seven days a week 24 hours a day (24/7/365) to include help desk telephone support providing user assistance and fault reporting and resolution within SLA.
Other maintenance schedules can be agreed upon request.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide complete end to end account management, onsite and online training and online user documentaion
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction This can be a manual process via the API or console or they can request this as a mass transfer as required by their security/business requirements.
End-of-contract process There are no costs at the end of a contract and we require three months notice before the contract end.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Mobile has different collapsed styling
Service interface No
What users can and can't do using the API You can harvest data from the API, or, for bespoke implementations handle chats via the API using your own application/interface.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Front end can be completely skinned by the client and their design team. They provide the design to us as part of implementation and we apply. This can be modified going forward as needed by the client.


Independence of resources Our systems are constantly monitored and never exceed 60% of system capacity. When 60% is reached, more containers are added horizontally to scaled the platform in real time without affecting service uptime.


Service usage metrics Yes
Metrics types We provide many metrics based on the customer experience (tracking activity on the website) along with performance metrics for agents, and general 'overview' information. We also provide customer feedback via online surveys.
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Users can export as JSON over the API or CSV via the console. Other methods are available such as mySQL dump - this would need to be requested separately and may incur additional cost.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • MySQL Dump
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • MySQL Dump

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We support 99.99% uptime as part of our SLA, but for the last 12 months have achieved 100% uptime. Users are refunded on a pro-rate basis for any time this is exceeded. We have never had to perform any refunds.
Approach to resilience This information is available on request.
Outage reporting There is a public dashboard for this, along with account management who will update via email.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Username or password
  • Other
Other user authentication Can be setup to work only to pre-defined IP addresses as required.
Access restrictions in management interfaces and support channels User roles define the level of access any user will have to the system. User actions when authenticated are recorded for audit purposes.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 British Assessment Bureau
ISO/IEC 27001 accreditation date 03/05/2019
What the ISO/IEC 27001 doesn’t cover All covered
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification Verizon
PCI DSS accreditation date 16/09/2010
What the PCI DSS doesn’t cover Nothing.
Other security certifications Yes
Any other security certifications
  • Cyber Security Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes For ISO27001 we have to show our compliance with our own ISMS which includes a complete Information Security Policy. This is escalated to the service desk internally and externally and then up through the management layer to the board. This is reviewed externally to ensure compliance before certification is awarded.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We adhere to our clients change management processes as required, either using ITIL or PRINCE2 as preferred by our clients.

Changes are always impacted for risk and effort by the responsible area and fed back to all stakeholders via an IA document prior to work being scheduled.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We have information about potential threats from multiple online sources including security providers, blogs, forums and other community areas for our application stack. There is a 2 weekly patching cycle, and sooner if threats are discovered or announced.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We use web application firewalls and intrusion detection systems to identify potential compromises. These are alerted immediately to system admins who would assess and action.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We have pre-defined processes as part of our ISMS users report incidents to our 24/7 service desk who also provide reports to clients about incidents. This may also be provided via the account manager.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £85 per unit per month
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑