Wild Rest Limited

Qtip.me - Cloud queuing and Feedback for Customers

Qtip.me is a cloud service that enables people to queue for a service remotely using their mobile phone allowing freedom to utilise waiting times thereby improving the customer service experience. For the buyer, it brings down operating costs and makes it easy to manage customer queues and interact with customers.


  • Remote and mobile queuing via Mobile and Web apps
  • Identify the customer and their needs in advance
  • Receive instant customer service feedback
  • Real time monitoring of customer flow and feedback
  • Support for scheduling appointments or reserving time
  • Integrate with web, mobile apps, other services using REST APIs
  • Real time PUSH, SMS notifications about queue's progress
  • Track your staff's productivity and development needs
  • Ticket notes for future reference for returning customers


  • Reduce customer's waiting time by upto 50%
  • Zero overhead for queue maintenance and management
  • One stop solution for Customer queue and feedback management
  • Predict your customer flow and plan accordingly
  • Connect every customer interaction with feedback
  • Improve staff productivity by making information available in advance
  • Identify and act on service bottlenecks in real time
  • Happy customers and energetic staff


£500 to £1800 per unit per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 9


Wild Rest Limited

Norman Day



Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints All qtip.me services run in the cloud and are location based. Everyone who uses this for queuing must allow location access in their browser or for the installed application. For the buyer (business), they need access to working internet connection and a browser to manage their Queuing Dashboard.

The system is installed in two tier (tier 1 = public; web apps; tier 2 = private; qtpi.me APIs), usually managed by supplier. In case the buyer wants to manage the service on their own (e.g. within their firewall), the appropriate system requirements must be met which are given below.
System requirements
  • For server, at least: 2GB RAM; 30GB disk space
  • Software stack: LAMP (Linux, Apache, MySql, PHP)
  • Recommended - Linux Ubuntu 14.04
  • Recommended - Apache v2.4
  • Recommended - MySql v5.5
  • Recommended - PHP v5.4+

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Email support is available between 9:00 - 18:00 UTC on all days except bank holidays. All tickets with severity high and above are usually answered within 2 hours. It is also possible to escalate issues that block the product usage.
User can manage status and priority of support tickets No
Phone support No
Web chat support No
Onsite support Yes, at extra cost
Support levels Support levels:
* Level 0: FAQ + Help available on website
* Level 1: Email support with help related to forgot password, understanding the front-end; documentation related to system features etc.
* Level 2: On-site support, which is charged extra; usually includes staff training of the software.

It is possible to provide an Account Manager or Cloud Support Engineer however, this must be agreed with the buyer.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started To be able to start using the system, the buyer has to licence the system for multiple account use or create as many number of accounts they want on the managed system. Once the Cloud Queuing Dashboard has been created, the buyer's staff can access the user documentation available on the website. We also provide with a "Getting started document" that explains the basics of the system. It is possible to schedule an onsite or online training; however, they are charged extra.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction No personal user data is stored in our system unless, the buyer wants to do so (e.g. they want to identify their customer). In any case, the buyer and supplier agree when the identification data is wiped out automatically from our system. Typical wipe-out scenarios are: after a ticket has been served; after 6 months; after 12 months; after buyer account deletion.

For all the buyer's staff account, no personal data is stored either; other than their username and password. When the contract ends, all this information is wiped out from our database.
End-of-contract process At the end of contract; the Cloud Queuing Dashboard account is deleted by us and all identifiable data related to this account is wiped out. This means that all user accounts for buyer's staff is removed; It is not possible to recover the data once the accounts have been deleted. The end of contract process is included in the price of contract. Unless the system has been customized, the end of contract process is always included in the price.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The mobile interface of our service is available for the end-users of the system who will use their mobile devices to secure their place in the queue. For the buyer, currently, this system can be used only from a browser on their laptop, desktop or tablet computer.
Accessibility standards WCAG 2.0 A
Accessibility testing Keeping in mind the nature of the product and that it can be accessed by everyone; no specific interface testing has been done with users of assistive technology. However, it is made sure via automated testing that all controls and inputs follow the WCAG 2.0 guideline. The same holds good for the formatting of the webpage as well.
What users can and can't do using the API APIs are available for integration with other services. Businesses must obtain an API key per account and use that for all sorts of integrations. Available APIs for integration to website, mobile apps etc are:
- getplaces
- getqueues
- taketicket
- getmytickets
- givefeedback
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation All the customization of the software comes at additional cost and is done by Codemenders Oy. It must be discussed what needs to be customized. Example, "taketicket" behaviour can be customized if there is a specific requirement from the buyer.


Independence of resources For licensed purchases, we recommend the buyer the limitations of the service and suggest them to use load balancing if they plan to use service above the recommended standards.

Same concept is applied for managed accounts as well. Apart from this, our system has been thoroughly tested to work for 60 tickets per second which also means that it can handle upto 216000 tickets per hour.


Service usage metrics Yes
Metrics types Metrics is provided on per day or date range basis. Example of some of the data provided as a part of the metrics are:
* Average service duration
* Average wait duration
* Average feedback
* Per ticket break down of wait duration, service duration, feedback
* Time based statistics of "expected wait time"

Apart from this, its possible for the account admin to view productivity metrics for a staff; e.g. time spent per ticket, feedback received per ticket, related average values.
Reporting types
  • API access
  • Real-time dashboards


Supplier type Reseller (no extras)
Organisation whose services are being resold Codemenders Oy

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach For buyer's staff accounts, it is not possible to export the data at this point of time. Their account contains data like: username, email and phone (for notifications), password. However, if this is a requirement from the buyer, then the supplier and buyer should agree on the customization and implementation details.

A valid export situation is to export the customer flow statistics (e.g. per ticket details like waiting time, service time, feedback, customer's name). All of this data can only be exported by account admin and is exported in CSV.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Unless in situation of an unforeseen circumstance (including act of god), our SLA includes: Cloud service uptime of 99.9%. Monitored email support between 9:00 - 18:00 UTC on all days except banking holidays.

Refund in case of non-compliance to guaranteed levels must be agreed in the contract and is subject to case-by-case basis.
Approach to resilience Backup of real time queuing data happens every 4 hours. Backup of user accounts (buyer, buyer staff) and system configuration happens every 24 hours.

Every backup is checked with possibility to setup a new instance with that data. Any information more than this is made available on request and once an NDA has been signed.
Outage reporting Email alerts, social media accounts (e.g. twitter), public blog.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Different accounts have different level of access to the system. It is just not possible for client level access (e.g. mobile clients) to access any data that is meant for the user (e.g. daily statistics). This is done at various levels based on key based authentication, username-password validation and hence, an access token based authentication etc.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information You control when users can access audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes All data stored on our server (database) is deemed highly confidential.
All data that could identify an individual (e.g. user-accounts, password) are encrypted.
All communication with the server (e.g. for maintenance purpose) has to happen through SSH Certificate Login.
All the servers must be configured to handle DOS, DDOS attacks, Sql Injections, typically using the mod_security plugin of Apache.
All the servers must be secured with industry standard tools like UFW, Fail2Ban, DenyHosts.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach As for the server is concerned, all the unwanted ports are kept closed all the time and no such change is agreed to which causes change in the firewall configuration of the server. All software changes to the cloud service are assessed for severity of impact on security of the system by performing black box and white box testing of Cloud service offering. Typical example would be that when a new API is introduced, it is thoroughly tested for all positives, false positives, negative scenarios to make sure it does not cause any surprises.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Standard tools like rkhunter are used to identify vulnerability in the cloud software server. General know how of potential threats are obtained from the tech blogs and mailing lists (e.g. heart bleed bug or shell shock). Server is regularly checked for any known vulnerabilities and security patches are applied based on requirement.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Various system monitors keep running on the server than alert the administrator for any potential compromises. Any unauthorized access to the server is immediately blocked and email triggered to admin for review of the approach. All such incidents are treated with utmost priority and responded to as soon as possible.
Incident management type Supplier-defined controls
Incident management approach Common approach for incidents related to the cloud server is to launch a new service instance with the latest backup available and a pre-defined and secured image of the operating system. Incident reports are provided using standard tools like LogWatch, Tiger.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £500 to £1800 per unit per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial FREE trial includes all functionalities of the software that can be tested on a staging server. It is available for a maximum duration 6 weeks.


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑