Equal Experts’ UX Forms is a customisable and programmable online web form builder that brings user research into the heart of building web forms. Real-time data helps identify forms, design patterns and questions that perform well, and not so well, so the effectiveness of form changes are measurable.
- Government Digital Service (GDS) design patterns built-in
- Conditional and branching form logic
- Real-time analytics, data and dashboards of online behaviour
- Complex and programmable form and field validation
- Extensible and customisable builder via code
- Can be integrated with any web-facing system
- Fully internationalised and multilingual; supports UTF-8 throughout
- Fully testable form design under revision control
- Create your own library of design, UI styles and patterns
- Optimise the forms and go live on your own domain
- Publish online web forms quickly and easily
- Fully conform to GDS’s design and style guide
- Gather data on effectiveness of form questions
- Learn which design patterns confuse your users
- Learn which questions your users find difficult to answer
- Quickly adapt your form online in response to empirical data
- Prove complex form behaviour is correct via automated tests
- Demonstrate a data-driven response to user needs
- Multiple authors can work concurrently on the same on-line form
- Rapidly recreate forms in multiple languages via intuitive builder
£150 per licence per month
Equal Experts UK Limited
+44 7968 157766
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Official support hours are 9am to 5pm, Monday to Friday, within which we promise to respond to questions within 2 hours.
We, of course, aim to respond as quickly as possible even outside these official support times.
|User can manage status and priority of support tickets||No|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
UX Forms' support is available independently on GCloud. It provides experienced consultants who can help with all aspects of delivering great forms with UX Forms, whether that's to build and test complex digital forms more quickly than ever before, build integrations between UX Forms and your existing services and APIs or even integrate UX Forms with your internal revision control and build pipelines.
Support costs from £1,000 per person per day, excluding VAT.
|Support available to third parties||Yes|
Onboarding and offboarding
User documentation is provided.
Additionally customers may take advantage of UX Forms' support services to help them become experts in using UX Forms, quickly and efficiently.
|End-of-contract data extraction||
The definition of each form is created by the customer, so does not require extraction.
End user's answers of completed forms are automatically deleted from UX Forms' platform once they are sent to the client's systems, so no extraction upon the end of the contract is required.
End user's answers of partially completed forms can be provided upon request.
Access to UX Forms' services is terminated, and any forms and themes deployed by the customer are un-deployed and taken offline.
End users' answers to incomplete forms will be automatically deleted after the retention period configured by the customer.
There are no additional costs.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||None. All features accessible via the desktop web interfaces are accessible via the mobile web interface.|
|Accessibility standards||None or don’t know|
|What users can and can't do using the API||Every regular action that is possible through the web interface is possible via UX Forms' APIs. Forms can be uploaded and deleted, as can themes. Only user management is restricted for use only via the web interface.|
|API documentation formats||HTML|
|API sandbox or test environment||Yes|
|Description of customisation||
Forms deployed to UX Forms can be customised in almost every conceivable way.
Validation can be fully customised and it can even integrate with bespoke external systems to verify the user's answers.
Integrations can be written to connect to external, bespoke, systems at multiple points during a form instance's lifecycle, including submitting the completed form's answers back to the customer's own systems.
|Independence of resources||By leveraging our cloud provider's infrastructure, along with selected open source technologies to keep forms separate from each other, even within the same organisation.|
|Service usage metrics||Yes|
|Metrics types||The UX Forms dashboard provides detailed data on every aspect of your forms. Track mean completion time, user errors and more to prioritise revisions and hone performance until every field is perfect.|
|Reporting types||Real-time dashboards|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||UX Forms provides extensive customisation so end user's questions can be submitted to the customer's services as soon as they finish filling in a form. End user data is automatically deleted from UX Forms' service once it has been transmitted to the customer's systems.|
|Data export formats||
|Other data export formats||
|Data import formats||Other|
|Other data import formats||UX Forms does not currently support uploading form data|
|Data protection between buyer and supplier networks||
|Other protection between networks||As UX Forms is fully customisable, even the way data is protected between the UX Forms' and the buyer's network is customisable. If required, specific connection mechanisms can be implemented with help from UX Forms.|
|Data protection within supplier network||
|Other protection within supplier network||Environments are segregated in to independent Virtual Public Clouds and, within each, services are deployed in to independent subnets.|
Availability and resilience
|Guaranteed availability||UX Forms will guarantee at least 99.95% uptime during any month.|
|Approach to resilience||This information is available upon request.|
|Outage reporting||Via email alerts.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||Only individual, named, users can perform management actions within UX Forms. Actions available to users are controlled via role-based access which, in turn, is managed through UX Forms' dashboard.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||British Standards Institute|
|ISO/IEC 27001 accreditation date||May 8th 2017|
|What the ISO/IEC 27001 doesn’t cover||Our Statement of Applicability is available upon request|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||UX Forms operates an Information Security Management System which complies with the requirements of ISO/IEC 27001:2013 for the provision of software solutions and related deliverables and services, as certified by the British Standards Institute.|
|Information security policies and processes||
The Managing Director is accountable for ensuring that appropriate security and compliance controls are identified, implemented and maintained. The Managing Director ensures that:
Risks are managed and reduced in an informed manner;
All applicable legal and regulatory requirements have been identified and that compliance is maintained;
Appropriate resources are provided to implement and maintain the information security management system (ISMS);
All staff sign the information security agreement prior to joining and receive awareness training of all policies during induction, including the consequences of non-compliance.
Our information security policy set is aligned to ISO27001:2013. The Information Security Policy is available upon request.
UX Forms will ensure that:
Information is protected against unauthorised access;
Confidentiality of information is assured;
Integrity of information is maintained;
Regulatory and legislative requirements are met;
Business continuity plans are produced, maintained and tested as appropriate;
Third parties engaged in the support of UX Forms are required to comply with this Policy to support both UX Forms and our clients’ requirements;
Information security requirements are aligned with organisational strategies and objectives in support of both UX Forms and our clients’ expectations;
Information security is managed and continuously improved through a defined ISMS;
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
UX Forms runs a fully documented change management process, certified against ISO/IEC 27001:2013, which is actively reviewed and managed.
All components, including their infrastructure, networking and configuration, are under revision control. They are built, tested and versioned before being deployed through a continuous integration build pipeline.
Every prospective change to every component is assessed by a technical lead, which includes its potential security impact. All components are regularly reviewed against OWASP's secure coding practices.
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||
UX Forms regularly checks all of its libraries and dependencies against NIST's National Vulnerability Database and uses an ISO27001:2013 risk-based methodology to assess all threats.
Patches and software updates are treated no differently than any other change to UX Forms' platform and can be deployed via its continuous integration pipeline in minutes.
Information regarding potential threats and security alerts come from a number of sources, including UX Forms' hosting provider and a range of technical news platforms.
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||
UX Forms has a defined information security incident policy.
Comprehensive logging of all components is gathered in real time and is analysed to identify potential compromises.
Once an incident has been raised, a thorough investigation is immediately begun to understand its scope and severity. If there is reason to suspect the incident affects Personally Identifiable Information, then UX Forms' Data Protection Officer is informed and appropriate steps taken.
A detailed post-incident review is performed after every incident and its findings analysed to improve UX Forms' processes and practices.
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
UX Forms has a defined information security incident policy which sets out how incidents will be reported, managed, tracked and reviewed.
Incidents can be reported by anyone to firstname.lastname@example.org.
UX Forms' incident response capability is not restricted to official support hours.
Full details of an incident affecting a customer will be shared confidentially with that customer.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£150 per licence per month|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|