Callmy Ltd

Callmy Alert Lone Worker SOS

Callmy Alert SOS is a cost effective Lone Working app for any size of organisation and is used to deliver duty of care to staff and to comply with Health and Safety legislation.

The app can also receive emergency messages, when used with the optional Callmy Alert Mass Notification service.

Features

  • Instant SOS activation with a press of a button.
  • Timed SOS activation with countdown function.
  • Audible alert to prompt user to cancel or extend timer.
  • Call for help feature - connects to a response team.
  • Track and locate users when SOS is activated.
  • When SOS is active listen to the user.
  • Download audio recordings for evidential use.
  • Configure, managed and monitor service via web based portal.
  • Self managed or BS8484 managed service options.
  • Includes the Callmy Alert Mass Notification Service

Benefits

  • An easy to use and discreet service.
  • Cost effective and simple to deploy.
  • Reduces costs of hardware based products.
  • Optimised to minimise battery use.
  • Optimised for use in areas with poor connectivity.
  • Monitor end users locations to support emergency response.
  • Send message directly to the users Callmy Alert app.
  • Warn and Inform users to aid, mobilisation, lockdown and evacuations.

Pricing

£2.00 a user a month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

6 1 9 3 5 7 5 9 8 3 7 6 7 7 4

Contact

Callmy Ltd

Tony Watson

020 31891250

tony.watson@callmy.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Standard service is provided during normal working hours. This can be upgraded if required.
System requirements
  • Administration access requires a Chrome or MS Edge browser
  • The Callmy Alert iOS app requires iOS 8 or later
  • The Callmy Alert Android app requires version 6 or later

User support

Email or online ticketing support
Email or online ticketing
Support response times
Support questions are responded to within 4 hours
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Customers have access to the Callmy support team, which can be accessed by authorised contacts using dedicated phone and email access.

Standard Support - provided seven days between 09.00 and 17.00
Response to technical questions, received from authorised contacts via phone or email . Included as part of the standard price.

Enhanced Support - provided seven days 24 hours per day.
Response to technical questions received from authorised contacts via phone or email . This is charged at either £1,000 per annum, or 8% of the annual contract value, which ever is greater.

Provisioning requests - if required authorised administrators can request new service provisions between Monday and Friday during normal working hours. Included as part of the standard price.

Fault Reporting - authorised contacts can report technical faults, via phone or email, on a 24x7 basis - provided as part of the standard service delivery.

Training Support - Callmy Alert Administration training is provided as part of the standard service implementation and this can be conducted either on the customers site or remotely. Administrators have free access to online training material and can request additional remote training sessions as required.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The Callmy service team will liaise with the buyer to configure the service as they require. They will also deliver training, either on site or remotely and provide access to training material - PDF and video.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
The authorised service administrator(s) will delete their data via the Callmy Alert Management Portal. The Callmy Alert service desk can also perform this task if required.
End-of-contract process
At the end of the contracts initial term, the customer has the option to extend for another agreed period; the minimum being 12 months, or to terminate. Callmy Alert will work with the customer to decommission the service and this does not incur any additional charges.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The app is only used by end users to facilitate their SOS service. The desktop provides service administrators with access to various management tools, the ability to monitor user location and to triage SOS activations.
Service interface
Yes
Description of service interface
The Callmy Alert Management Portal provides full access to details of every aspect of the service. This enable services to be configured and allocated to users, the ability to monitor end user locations, see which users have set their SOS timer, see if a user has activated their SOS alert, listen to users audio when their sos is active and track users precise GPS location when the SOS is active.
Accessibility standards
None or don’t know
Description of accessibility
Complying with accessibility standards is part of the current development roadmap.
Accessibility testing
None
API
Yes
What users can and can't do using the API
The Callmy Alert service is integration ready and customers access and manage API integrations through a Swagger page.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
The capacity of the Callmy Alert service is actively monitored and resource allocated, based on historic usage patterns and anticipated peak demands. If additional capacity is required, it is scaled into service to maintain availability and service levels.

Analytics

Service usage metrics
Yes
Metrics types
Authorised administrators can view metrics on: numbers of users, which users have activated their SOS alert, which users have set their SOS timer and for how long, if the timer elapsed and triggered the SOS. This data includes tracked GPS information and audio recordings captured during the SOS activation. All information is time and date stamped and details of relevant durations are available. Details can be exported to Excel for further analysis.
Reporting types
Real-time dashboards

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Data can be exported to Excel
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Callmy Alert is a 99.99 available service and this forms part of the SLA
Approach to resilience
Callmy Alert is delivered from two Microsoft Azure ISO 27001 certified data centres and the application is operationalized to ensure there is no single point of failure. The Callmy Alert service backs up data in real-time and can automatically failover should the primary data centre become unavailable or a software component fail. The Service Level Agreement states that Callmy Alert is 99.99 available.
Outage reporting
Callmy Alert employs various services to monitor the hosting environment and application. These include Azure, Datadog, Pingdom and Twilio. Alerts are sent to the service management team using dedicated apps, sms and email.

Identity and authentication

User authentication needed
Yes
User authentication
Identity federation with existing provider (for example Google Apps)
Access restrictions in management interfaces and support channels
Administrators have to be added to the service via a secure Management Portal - this also defines their permission to access and manage Callmy Alert's capabilities. Administrators can only log in using their registered email address and password. It is also advised Administrators enable the services two factor authorisation.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
The Callmy Alert hosting environment is certified to IS027001.

Callmy Ltd is Cyber Essentials IASME Certified
Information security policies and processes
Callmy Ltd has information security policies in place to cover both internal business systems and also the security of the Callmy Alert service.

Callmy Ltd's Information Security policies and procedures are documented and are available on request.

Polices include: DPA Policy, Information Security Plan, Data Protection Impact Assessment, Data Breach Policy and Acceptable Usage Policy. The Policies are reviewed on a regular basis and changes are reflected in the documentation.

Incidents and issues relating to Information Security are reported to the CEO who ensures the appropriate procedure is followed.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Callmy Ltd employs a configuration process to systematically manage, organise, and control the changes in documents, code base, and other entities during the development life cycle. The components tracked include the core application, database, notification hubs, streaming service, web services and end user app. Regular tasks are managed and reviewed that include:

- Configuration Identification
- Baselines
- Change Control
- Configuration Status Accounting
- Configuration Audits and Reviews
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Callmy Ltd's development team assess the service for vulnerabilities on a monthly basis and these are logged in Microsoft Visual Studio Team Services. They are ranked as low, medium or high risk to enable the development team to make threat level/service impact assessments, allocate resources and plan deployments accordingly. This process is signed off by a senior manager and the rationale for the decisions taken logged - this forms part of the ongoing vulnerability management process.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Callmy Alert is monitored for:

- Invalid administrative login attempts.
- Exceptional network activity within the Azure environment.
- Exceptional levels or suspicious activity accessing the Azure environment; from email or voice, for example.
- Exceptional levels of activity from a device; app location for instance.
- Suspicious end user activity.

Various means of alerting key stakeholders of exceptional/suspicious activity and critical incidents are employed. These alerts prompt the response team to access Callmy Alert's audit logs to make assessments and employ remedies. The time to respond forms part of the SLA and this is attached to this submission.
Incident management type
Supplier-defined controls
Incident management approach
Callmy Ltd has a pre-defined process for common events and this forms part of the Callmy Service Level Agreement.

Users report incidents either via the agreed support email address or phone number. These are logged and triaged for resolution. The user and main customer contact will receive details on how the incident is being managed/resolved - a post event report is provided to the user/main customer contact. This is report is also logged in the customer record on the Callmy Ltd's CRM system.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£2.00 a user a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
The free trial covers the Callmy Alert mass notification service. It includes access for 2 administrators, up to 20 users and one message group. The trail is for one month and all service and support is freely provided.

Service documents

Return to top ↑