Goldclipper Computing Ltd

That's My Rota

Administrators can define people, places, roles, tasks, time periods, availability, unavailability, and preferences. These are used to create a conflict-free rota automatically (or manually), which can then be edited. People being scheduled may have non-admin access, or may receive rota details via email, SMS, hard-copy, or calendar integration.


  • centralised data
  • runs in any modern browser
  • device-agnostic


  • manage simple and complex rota patterns
  • make rota changes immediately available to staff
  • understand staff utilisation (can be rolled up in multiple ways)
  • quickly and automatically generate conflict-free rota
  • edit rota manually without creating conflicts
  • easily identify and remedy gaps in rota
  • view past rotas for analytical purposes


£0.80 to £1.50 per unit per month

Service documents


G-Cloud 11

Service ID

7 2 4 7 4 9 7 3 6 3 0 4 6 1 5


Goldclipper Computing Ltd

Jamie Hepburn

020 8546 5950

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints N/A
System requirements Modern browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 1 hour in UK office hours; outside of that, best endeavours.
User can manage status and priority of support tickets No
Phone support No
Web chat support No
Onsite support Yes, at extra cost
Support levels Questions about using the application go straight to third-line support. The cost is included in the service price. Additional support, e.g. on-site support, would be charged at T&M - see the rate card for details.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The service is designed to require no specific training. A series of "first-time" pages guide the new user through set-up. There is extensive on-line help.
Service documentation Yes
Documentation formats Other
Other documentation formats Online within the pages of the service
End-of-contract data extraction All data can be downloaded by users with appropriate privileges (at any time during the contract).
End-of-contract process Users may download reports and data at the end of the contract (and during the contract). User data is purged from the database within 5 working days of the end of the contract, at no additional charge. More stringent deletions could be made at cost (T&M for staff time, at cost for 3rd-party confirmation etc).

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The mobile interface has much less content / data per page, and is primarily intended for much simpler interactions with the service. That said, all of the pages in the service are responsive and can be used on mobile devices.
Service interface Yes
Description of service interface The service interface is a browser-based UI. It has been developed in a framework based on WCAG 2.0 AA.
Accessibility standards None or don’t know
Description of accessibility The service is developed using a framework based on WCAG 2.0 AA. However, as that is not listed above, I have stated "None or don't know"
Accessibility testing None.
Customisation available No


Independence of resources We can't completely guarantee this, but usage is not resource-intensive.


Service usage metrics Yes
Metrics types All entity types managed by the service (people, locations, sessions, roles, etc) can be reported on using standard time periods (years, months), or user-defined date ranges.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Never
Protecting data at rest Encryption of all physical media
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach The service allows users to export their data in csv, HTML, or pdf.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Dark fibre

Availability and resilience

Availability and resilience
Guaranteed availability We don't yet guarantee a level of availability
Approach to resilience Available on request
Outage reporting Public dashboard

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Username and password
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach This is a relatively new service, so we may review this in due course, but the current approach is:
* every major release includes a security review
* additionally, security reviews are completed quarterly as a separate task
* we use industry-standard software to identify vulnerabilities
Information security policies and processes The service is checked for vulnerabilities using a tool and peer-reviewed.
Releases cannot be made without passing peer-review OR at the discretion of a director (e.g. release 2.1 has failed review, but is deemed to improve a known vulnerability in release 2.0).
If any actions are taken (e.g. fixes applied), the review is performed again to ensure that the desired improvements have been achieved.
All security concerns are reported to the director responsible for security.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Individual software components are managed using an in-house source control system. All components are peer-reviewed for quality including security impacts. Major and minor releases of the service are only made with components that have passed review.
Vulnerability management type Supplier-defined controls
Vulnerability management approach The supplier of our software environment
Protective monitoring type Supplier-defined controls
Protective monitoring approach We rely on our hosting provider to monitor this.
Incident management type Supplier-defined controls
Incident management approach We are only just releasing the service, so we haven't identified any common events yet. Users will report incidents through the normal support channels and we will report using those channels.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £0.80 to £1.50 per unit per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Fully-featured but limited to 3 weeks. We may also limit the data volumes but do not do so currently.
Link to free trial On request

Service documents

Return to top ↑