Synap LMS (Learning Management System)

Synap is an intelligent Learning Management System (LMS) which helps organisations deliver engaging, impactful and personalised training at scale.

Synap is easy to use and administer, supports a range of learning content and can be branded and customised to your organisation's needs.


  • Personalised learning algorithms tailored to each user
  • Hosted Learning Management System (LMS) designed to scale
  • Single Sign On
  • SCORM / Tin Can / xAPI support
  • Real time reporting
  • Data import / export
  • Works on any device
  • White-labelled branding and custom domain available


  • Reduce training costs
  • Incredibly easy to use and administer
  • Improve engagement with online training by breaking down topics
  • Custom features, integrations and reports available
  • Dedicated account manager to assist with onboarding and training


£3000 to £40000 per instance per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10



Dr. James Gupta


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Synap is available 24/7. Users are informed in advance of any planned maintenance, which takes place outside of business hours.
System requirements
  • Web: Modern browser (IE9+, Firefox 4+, Chrome 11+, Safari 5+)
  • IOS 10+
  • Android: 6+

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Same day
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.0 AA or EN 301 549 9: Web
Web chat accessibility testing Our web chat is powered by Intercom, and industry-leading customer support solution. We will be performing accessibility testing with users in late 2018.
Onsite support Yes, at extra cost
Support levels All clients are able to access email, web and phone support, as well as an account manager at no extra cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide onsite and online training at no extra cost. User documentation and a discussion forum for managers / administrators is also provided online.

We can set up your LMS within a matter of hours, which comes with all the tools you need to invite users, add content and set up courses. However, we're also happy to spend more time setting up a custom implementation i.e. with integrations to your existing systems, helping to train and onboard your staff and import existing learning content, which we can do within 2-4 weeks.

You can perform a bulk upload of users or integrate with Single Sign On / Active Directory to provide access to the system.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction We will provide a data extract in CSV/JSON/SQL format
End-of-contract process At the end of the contract, customers may renew their annual license at the same rate.

Alternatively, if a customer wishes to cancel their service and informs us in writing at least 60 days before the end of the contract, we will provide exports of their data and learning materials in commonly used formats such as JSON, CSV, SCORM or HTML as appropriate. Following this, their environment will be permanently shut down and data destroyed at a date agreed upon with the customer.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Our mobile apps have been developed specifically for iOS and Android devices. They offer similar functionality overall, but the mobile apps also benefit from offline access and push notifications.
Accessibility standards None or don’t know
Description of accessibility We have developed the platform in-house and conforming to w3c recommendations / good practice wherever possible.
Accessibility testing We will be conducting user testing sessions in late 2018.
What users can and can't do using the API API access is available on request, and at an additional cost. Users can use the API to update user information, add content, and stream analytics from the LMS.
API documentation Yes
API documentation formats Open API (also known as Swagger)
API sandbox or test environment Yes
Customisation available Yes
Description of customisation As Synap is our own in-house platform, we have considerable flexibility in customising and adding new features, tailored to the need of each client.

Our in-house technical team are happy to work with clients on a 1:1 basis to discuss their needs.

Commonly-requested customisations involve various integrations, Single Sign On and custom reports, but we are also able to add other features to the LMS.


Independence of resources Synap is hosted on Amazon Web Services Elastic Beanstalk service. This is an an auto-scaling environment, which adds new servers/capacity in real-time to meet demand.

For large clients or at an extra cost, we can host a client's Synap instance on it's own dedicated environment.


Service usage metrics Yes
Metrics types Synap has a very flexible analytics set-up. By default, we provide:
- Total / Active Users
- Time spent on platform
- Average score / improvements

And can also set up custom analytics reports depending on what each user needs.

Users also have significant control over defining their own analytics reports through an easy-to-use interface
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Request an export from our support team
Data export formats
  • CSV
  • Other
Other data export formats JSON
Data import formats
  • CSV
  • Other
Other data import formats JSON

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability By default, we do not offer an uptime guarantee or SLAs. However, Synap has maintained a consistently high uptime (>99.9%) over the last few years.

SLAs and dedicated environments are available at an extra cost.
Approach to resilience Synap is hosted on a modern cloud infrastructure provided by Amazon Web Services, hosted within the EU (Dublin).

We use a failover system for our server and database, whereby there are always two instances running, so if one fails another is able to take over seamlessly with no service interruption.

Our architecture is designed with scale in mind, and currently handles tens of thousands of users each day.
Outage reporting We report outages through a public dashboard and email alerts to our clients.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Access to our systems is restricted on a 'need to know' basis and reviewed regularly.
Access restriction testing frequency At least once a year
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards Cyber Essentials
Information security policies and processes We are a small team managed in one central location. We do not use removable media, and if sensitive data must be downloaded to an employee's device, our policy is to delete it securely as soon as possible.

Passwords must be secure, not written down and changed regularly.

Staff have regular security training provided by our CTO.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Changes are all tracked through granular commits in Git.

Changes are signed so that the author can be positively identified.

All changes are manually reviewed by our CTO for potential security impact.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We have a managed patch agreement with our hosting provider, Amazon Web Services, whereby they will automatically patch our servers with minor and/or critical releases.

Larger and other releases, such as to individual components, are done as soon as possible (within 14 days).

We get information about potential threats through the AWS dashboard as well as several notification services.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We monitor our servers with AWS tools and other services to detect DDoS and similar attacks.

We have pagers set up so that a C-level exec is notified as soon as an incident or potential incident emerges.
Incident management type Supplier-defined controls
Incident management approach Incidents are recorded in our project management software, Jira. We also record error logs which are stored securely.

For our mobile apps, errors are automatically recorded and logged with a tool called Crashlytics.

Users can report incidents via our support service, Intercom.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £3000 to £40000 per instance per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial We can provide a 14 day free trial for customers. This includes everything apart from features which require custom development.

Other limitations of the trial such as the amount of content and number of users are judged on a case by case basis


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑