Our HR application boasts plentiful features which aim to drive the efficiency of your organisation. Manage onboarding, employee data and files, leave, expenses, performance management, reports and documents that your entire team will enjoy using, and with ease. Optimised and accessible anywhere on all devices and browsers.
- Easy to use interface, little end user training required
- Core, Leave, Expense and Performance Management Modules Available
- Remotely Accessible via Computer, Tablet or Mobile Device
- Securely Cloud Hosted
- Only Requires HTTPS access
- GDPR Compliant
- Highly Configurable Modules
- Quick and Easy Onboarding
- Fully Encrypted and Indexed 'Filing Cabinet' for all HR Documentation
- Intuitive and Simple to Use
- Accessible Anywhere from any Device
- Fully Audited
- Secure and Safe to Use
- One Place for Everything HR Related
- Scaleable and Sustainable
- 24/7 Support
- Only Pay for What You Use
- No Setup Costs
£1.50 to £5 per person per month
- Education pricing available
A2Z technologies Ltd
Mohammed Azir Razzak
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||Our software has been optimised for the Azure Cloud platform, secure containers for each organisation.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Response times vary depending on how busy the support team is. In general, the average response time is under an hour. However as mentioned, it depends on how busy the support team is and whether it is the weekend or not.
Weekend times will be slower as not all of our support team will be working, however we still offer support on the weekend and queries should be answered on the day of ticket submission.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.0 AA or EN 301 549 9: Web|
|Onsite support||Yes, at extra cost|
Currently our support is universal across the product. Our standard support plan which comes with the licence, includes unlimited web chat, phone support, tickets and email support. If a client needs in house support or premium support this can be arranged at an additional cost.
The support team composes different levels. The 1st tier is where initial customer queries will be handled. These are handled by a support team who also perform remote support for clients. All staff are inhouse and completely familiar with LunaHR which they have been involved and assessed with the development of the application and know the functionality inside and out.
In the event of a problem the issue will be escalated to second tier support, i.e. those with a more technical background in the software and hosting environment.
In the event of a functional issues, this will be raised with our development team.
Typically, when a customer support query comes in, the tier 1 will know whether they can solve it straight away, if not they will escalate to the correct team.
|Support available to third parties||Yes|
Onboarding and offboarding
For the service setup, the administrator must complete a step by step setup of the system. Once the basics have been setup, the administrator is given more instructions and to do lists, to customise the system to how they need it. After customisation, company and user data can easily be imported, assistance from our support team is available.
For users, upon starting the service, instructions are available on each page describing the functionality. Not to mention this system was built to be intuitive and simple to use.
In addition to all of this, we have user documentation in the form of videos, flow charts and a comprehensive knowledge base. Moreover, and especially for setup, our support team will be on hand to assist where required.
Onsite and remote training can be requested.
|Other documentation formats||
|End-of-contract data extraction||Data can be extracted by exporting into a CSV file. However, users should contact the support team who would be happy to help with data extraction upon contract termination.|
|End-of-contract process||Upon contract termination data will be exported to the client upon request. There are no additional or hidden costs at the end of the contract.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||The application was made to be responsive and suitable for all devices by utilising the dynamic framework bootstrap along with custom CSS. The functionality and features is completely the same regardless of the device being used.|
|Accessibility standards||None or don’t know|
|Description of accessibility||
Text alternatives for non-text content (controls, time based media, test, sensory, decoration, formatting, invisible)
All functionality can be used by keyboard
No 'flashes' are used
Headings and Lables (using appropriate H1,H2,H3,H4 tags)
Language of Page / Parts
On focus / input
Consistent navigation / identification
Lables and Insutructions
Error prevention (data, legal, financial)
Document success criteria
LunaHR has yet to use or implement videos / audio and therefore no accessibility for this
Text can't be resized (but added to roadmap)
LunaHR was developed from scratch with an emphasis on accessibility in accordance to W3C. Subsequently, testing with users of assistive technology was carried out.
User stories were executed as we didn't have access to people with accessibility issues. Tests were replicated based on accessibility issues and the supporting resources were used to carry out the tests.
For eye sight difficulties magnifier was used to see how it would interact with LunaHR. Zooming in and out was used to test all the functionality on the product.
Screen readers and also analysing the code in the backend to make sure the screen readers work as intended was used.
Help textthroughout the software solution was analysed and each input, non-text, controls, sensory and so on had the required alt text and titles.
Navigation was checked throughout to make sure it still works in various scenarios and that is functional when supportive resources are used. Likewise, navigation was checked to be sequential and getting to certain pages could be done in more than one way.
Validation, error prevention / identification has been implemented throughout LunaHR. This has been checked throughout and improved where it was unclear during testing.
Other tests relating to W3C done
|What users can and can't do using the API||Full RESTful API.|
|API documentation formats||Open API (also known as Swagger)|
|API sandbox or test environment||Yes|
|Description of customisation||
LunaHR is flexible. The frontend has many options for configuration, but if needed support can help and more advanced customisation can be carried out.
What can be customised?
Work patterns, user profiles, permissions, departments, expense categories, mileage, leave years, public holidays, languages, organisational units, roles of departments, notification settings, message settings, company settings, leave settings, expense settings, individual user settings, attendance settings, workflows and so on.
How users can customise?
This can all be done in the front end. Options were designed to be simple and straight forward. For example, a user can add a custom avatar for their profile picture and change their personal details by just going into their user profile on their account. They may also add documentation, assets, emergency contacts and so on.
Who can customise?
This depends on the roles of the person using the application, it should be noted roles can be edited also. In general, the admin (more than one can be created) has all options. Lesser roles such as an expense approver do not have the same options. Specialised roles such as HR can edit user profiles and maintain HR records about employees.
|Independence of resources||
First of all it should be acknowledged that LunaHR keeps analytics of how the server(s) are performing and the cloud infrastructure team will be alerted if performance becomes an issue.
Secondly, various measures have been put into place to prevent this from happening. For example, our servers utilise load balancing and capacity thresholds to address demand and have failover plans to prevent downtime.
|Service usage metrics||Yes|
Available to our users at a management and supervisor level are the reports which can be ran within the application to monitor leave, sickness, expenses, etc.
System up time and resource performance can be provided on a monthly basis where requested.
Additional reporting can be created upon request and tailored to the clients requirements.
|Reporting types||Regular reports|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Users can either request for their data to be exported in the file extension of their choosing or for certain data can do it themselves. For example report making can be done within the interface of LunaHR.|
|Data export formats||
|Other data export formats||
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Other protection between networks||Secured containers and secured networks.|
|Data protection within supplier network||Legacy SSL and TLS (under version 1.2)|
Availability and resilience
LunaHR has the following SLA for availability. Service to LunaHR is 24/7 with an uptime of 99.9%. Scheduled downtime is allowed however the users will need to be informed beforehand.
If we had extended downtime (multiple hours in a day, or multiple days in a month) or you emailed customer service and it took multiple days to get back to you, we would issue a partial credit to the clients account.
|Approach to resilience||Available on request|
|Outage reporting||Outages will be reported through various means. Frequent updates will be posted via social media (twitter and facebook), email and through a public dashboard. There is also an auditing feature within LunaHR which can be accessed by users. Moreover, we will also update our LunaHR website with a notice of the outage.|
Identity and authentication
|User authentication needed||Yes|
|Other user authentication||
The users will also need to know their tenancy name - their username and password isn't enough authentication for login on the default login page. In other words, username, password and tenancy are all required together.
Companies are able to choose a personalised and unique subdomain for their tenancy for example domain.mysite.com where the tenancy name is not required.
|Access restrictions in management interfaces and support channels||
Access is restricted based on user roles and permissions that are defined at administrator level.
Standard roles and permissions exist in the system, custom roles can be created and any field and function can be allowed or restricted by using the advanced permissions section.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Cyber Security Essentials|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||A2Z Technology has recently completed the Cyber Essentials Security accreditation which includes Governance and Security and part of the accreditation.|
|Information security policies and processes||A2Z technology has in house documentation which was created to meet our business requirements and Cyber Essentials Security, including encrypted hard drives, mobile device management and bio-metric where available. All data is encrypted at rest and during transportation, whether SFTP, HTTPS or Encrypted files with separate encryption key.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
A2Z follows a Development, Test and Live control versioning which allows us to test for security vulnerabilities and issues before implementing into the live version.
Before deploying into test environment the changes are reviewed by a CRB (Change Review Board) and then a security check is completed before testing has completed to ensure the product still meets security requirements before deploying into live.
All results from test are highlighted to the CRB and confirmed before release into the live environment.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Potential threats are reviewed by the technical and development team with a risk category of 1-4.
4=Info, 3=Low, 2=Medium, 1=High
High risk patches are deployed ASAP with a target of <24hrs
Medium risk patches are deployed within 5 working days
Info and Low risks are deployed within next quarterly updates
Azure services provide an environment with rolling security updates.
We have monitoring services within Azure to alerts of issues and potential risk, investigation of user issues, access control review (location based), and research with cyber security forums and news sites to remain up to date with the latest vulnerabilities.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
A2Z run regular checks on their environment looking for vulnerabilities, teamed with their research on the latest threats we perform a proactive analysis of the environment a monthly bases.
Isolation of any potential compromise to ensure that the incident or breach is unable to be exploited further, this could include taking sections or applications offline if a major breach is detected.
When the incident has been detected within, 24hrs both technical and development teams work to Isolate, Prevent and Resolve.
Investigation of the breach to be completed ASAP within 5 working days.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Incidents are raised with a teir 1 team who will complete initial investigation and troubleshooting. If they are unable to resolve this issue they will then escalate to the correct team for development or systems changes need to be modified.
Users can report incidents via email, web chat or telephone.
All incidents are logged within a service desk application and a report can be produced upon request.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£1.50 to £5 per person per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||The trial version of Luna HR is available to anyone who signs up with a valid email address. This includes all the functionality and support you would get in the full-paid version. The trial lasts 1 month but can be extended to 3 months upon request.|
|Link to free trial||https://lunahr.co.uk/|
|Pricing document||View uploaded document|
|Terms and conditions document||View uploaded document|