Virtual Viewing Ltd

App based 3D/4D City modelling

provision of 3d city modelling, 4D and 5D city analysis, smart city reporting and destination / inward investment promotion


  • 3d city modelling
  • lidar conversion
  • real-time reporting
  • smart building data reporting
  • smart city data reporting
  • transport data reporting
  • augmented reality
  • application development


  • engage with citizen
  • affect behavioural change
  • publish content on iOS, Android and Windows
  • dynamic, real-time data
  • inward investment search criteria
  • tourist engagement
  • gamification of big data


£15000 to £180000 per instance per year

  • Education pricing available

Service documents

G-Cloud 9


Virtual Viewing Ltd

Stewart Bailey

02037 148 710

Service scope

Service scope
Service constraints IOS, Android and Windows are supported. Planned maintenance occurs with OS updates and with periodic enhancements to the service. Uptime rated to 99.99%
System requirements
  • Licencing agreements for any third party mapping software
  • Licencing agreements for any third party data analytics software

User support

User support
Email or online ticketing support Email or online ticketing
Support response times During working hours (Mon-Fri 9am 7pm)
1/4/8/24 hour response times available subject to SLA.
Weekend response cover available subject to SLA.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels In support of services detailed under this SLA, Virtual Viewing will apply hourly charges in accordance with the following level rates:
Programming/Coding:£135 per hour
Project management: :£80 per hour
Graphic design:£75 per hour
Testing:£55 per hour
Any item raised under the Issue Type : Urgent and business critical issue will be subject to a 20% levy
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started There is on site training, online training and online documentation
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction CSV export
End-of-contract process Users are entitled to all database content. This does not include the 3D model unless explicitly negotiated to be included

Using the service

Using the service
Web browser interface Yes
Using the web interface Users can edit notifications, building type and database entries.
Web interface accessibility standard WCAG 2.0 AAA
Web interface accessibility testing None.
We utilise web accessibility technology checkers.
Command line interface No


Scaling available Yes
Scaling type Manual
Independence of resources Installations can be hosted on dedicated infrastructure.
Shared VM instances use server load-balancing technology and are monitored to ensure no single installation instance can reduce the service provided to the other installations.
Usage notifications Yes
Usage reporting
  • Email
  • Other


Infrastructure or application metrics Yes
Metrics types
  • HTTP request and response status
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process No
Equipment disposal approach In-house destruction process

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • All files
  • Images
  • 3D geometry
  • Visualisation data
Backup controls Our cloud platform performs the backups
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability 99.99% service availability in any one year
Approach to resilience Our cloud based system ensures that the service is spread across multiple service providers.

Use of the Apple App Store and Google Play Store as gateways to the main application ensures massive resiliency.

Tier-4 secure data-centre which is certified ISO 27001.
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication Username or password
Access restrictions in management interfaces and support channels To be completed
Access restriction testing frequency At least once a year
Management access authentication Username or password
Devices users manage the service through Dedicated device over multiple services or networks

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach We comply with the routines and standards placed upon us through our work with Youngman's Group (we are A graded for our MOD work), NaCTSO and local goverment security measures
Information security policies and processes We use a risk based approach when assessing and understanding the risks and will use physical, personnel, technical and procedural means to achieve appropriate security policies and procedures.
We take into account developments in technology and the costs of implementation in order to achieve a level of security appropriate to the nature of the information and the harm which may result from a security or process breach.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach A Change Request (CR) is required for any change to the environment(s) that are subject to the policy as designated by the IT Director.
The scope of an approved CR cannot be modified.
A CR must be submitted for approval in a complete format.
CRs must be approved as stated in Change Management Process.
An Impact Analysis is required for all production environment changes.
Functionality testing must be performed to verify that the change does not adversely impact the functionality of the application/system.
Risk analysis for all changes is required.
A back-out plan must be provided.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Patch management systems deploy critical security patches within 24 hours of release.
3rd party independent network vulnerability analysis.
Internal logging and pro-active maintenance.
On-site real-time intruder network detection systems.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Real-time network intruder detection systems.
Wi-Fi device monitoring.
Application level proxy packet filtering and detection.
Pro-active logging and maintenance.
Incidents responded to within 4 hours in-line with our security policy.
Incident management type Supplier-defined controls
Incident management approach We have pre-defined processes for all common events including network intrusion, hard-disk failure, network outages and catastrophic failures.

Incidents are reported to our cloud based incident reporting portal.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used Hyper-V
How shared infrastructure is kept separate Extensive use of the Hyper-V virtualisation

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £15000 to £180000 per instance per year
Discount for educational organisations Yes
Free trial available No


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑