Zyper Ltd


Zyper helps brands and organisations identify their top 1% of users. We don't find influencers, and it's more than just content creation: Zyper creates a network of your most passionate users.


  • Live reporting and monitoring
  • Mobile access
  • Analytics and statistics


  • Publish content from mobile apps
  • Review submitted content
  • Quickly view up-to-date analytics
  • Visualise end-to-end conversion funnel


£9000 per unit per month

  • Education pricing available

Service documents

G-Cloud 10


Zyper Ltd

Zyper Sales



Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints N/A
System requirements N/A

User support

User support
Email or online ticketing support Email or online ticketing
Support response times General guidance cases < 24 hours.
Weekend/public holidays within 48 hours.
User can manage status and priority of support tickets No
Phone support No
Web chat support Web chat
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard None or don’t know
How the web chat support is accessible You can sign in to the Zyper dashboard using your Zyper credentials.
Web chat accessibility testing None
Onsite support No
Support levels We provide varying support levels, depending on contract requirements and objectives.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide an enrolment schedule which is as follows:
- 30 minute introductory setup call and navigation of the service.
- opt-in newsletters about how to optimise use of the service.
- continued email support for the service for the duration of any campaign.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction Brands & organisations can extract related data at any time during or after completion of their campaign.
End-of-contract process The software and management fee are included in the service cost - any additional cost will be due to a change in scope from the pre-agreed Statement of Work.

At the end of a contract, the client may choose to negotiate a form of continuation or choose not to employ our service in the future.

Any data shared between parties will be closed off and passwords will be reset.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Different use cases and users:
- End users (the community) use mobile app (iOS, Android) for the community features
- Brands & Organisations use dashboard to monitor campaign progress and analytics
Accessibility standards None or don’t know
Description of accessibility You can sign in to the Zyper dashboard using your Zyper credentials.
Accessibility testing None.
What users can and can't do using the API Limited functionality is exposed via an API.
Brands & Organisations can use an API to send conversion events to Zyper that will be linked to their campaign's performance.
Zyper support will create and maintain API access.
API documentation Yes
API documentation formats Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Brands & organisations can customise image and text assets in coordination with Zyper support. Depending on service level, this can also be updated by the buyer. Customisation occurs via admin interface on the web dashboard.


Independence of resources Zyper uses automatic scaling for all services. Additional resources can be added on short timescales. Constant monitoring is in place to ensure performance is not degraded.


Service usage metrics Yes
Metrics types Brands & organisations:
Campaign metrics, including agreed targets, can include: reach, engagement rates, posts, community size, broken down as totals and weekly numbers.
Depending on type of campaign, additional information related to conversions (link clicks) are provided.
Individual (custom) deeper analysis is provided on request at a cost.
Regular (weekly) reports are sent by email.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Other
Other data at rest protection approach Zyper ensures data is only accessible and discoverable by authenticated users that have the required permissions level to access a resource (both internal and external users).
Data that is publicly accessible (though not indexible) includes assets that are displayed on our website, dashboards and within the mobile apps.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Users can export their data by contacting Zyper support.
Data export formats
  • CSV
  • Other
Other data export formats JSON
Data import formats
  • CSV
  • Other
Other data import formats JSON

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability SLAs do not define a minimum level of availability.
Approach to resilience We rely on 3rd party cloud hosting providers to ensure their datacentres and services have a resilient setup.
Outage reporting Zyper reports any outages via email alerts.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Zyper uses multiple permission levels to ensure access is only granted to resources required by the individual user.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Less than 1 month
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for Less than 1 month
How long system logs are stored for Less than 1 month

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified No
Security governance approach We perform 3rd party enterprise auditing in situations where this is required by clients.
Information security policies and processes Regarding information security, we have internal/external data privacy policies, information protection and acceptable use policies, security, security breach/incident response and disaster recovery policies all applied and viewable to all staff.

All staff are required to follow internal training materials to assess their knowledge in these processes and we have access limitations based on seniority and requirement to access particular data sets within the company (management level employees have entry access; senior software level employees have advanced access).

Processes, training and policies are reviewed quarterly.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Are process is as follows:

- request for change logged
- impact of change analysed
- change approved or denied
- change implemented operationally and technologically
- team briefed on operational changes required as a result
- improvement resulting from change reviewed from a user service impact and security impact perspective
Vulnerability management type Supplier-defined controls
Vulnerability management approach We have internal data logs that proactively alert us to any attacks/threat to our system. These are sent to at least 3 members of our team who follow our security policy and security breach/incident response protocol to assess potential threats.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Internal logs would notify our development team preemptively to a potential breach; response is as per our incident management guideline of 1) flagging the breach, 2) assessing the point of compromise and scope/data breached/number of subjects impacted, 3) notifying the Data Protection Authority and subjects of the breach and 4) containing unauthorised access to the data, setting up IT security protections and stress-testing new measures.

We respond within 2 hours and notify relevant parties within 72 hours.
Incident management type Supplier-defined controls
Incident management approach We have internal structures to handle typical and atypical incidents.

If the incident is part of the user journey, they have direct personal and user-specific email addresses as well as instant messaging via Intercom as a way of flagging an incident.

Incident reports are produced internally and submitted via PDF form in SFTP transfers to users.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £9000 per unit per month
Discount for educational organisations Yes
Free trial available No

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑