Commonplace Digital Ltd.

Commonplace: Digital Engagement & Community Consultation

Commonplace is a digital engagement, insight, and consultation tool designed for the public sector. It provides a user-friendly platform to engage and consult with communities and stakeholders, helping to maximise participation, broaden engagement demographics, build trust through transparency, and facilitate collaboration to de-risk the planning process and inform better consultation.


  • Interactive colour-coded pin drop map to collect community comments
  • Customizable Design feedback website with themed project tiles, encouraging comments
  • Real-time reporting dashboard of engagement and demography of contributors
  • Exportable reports to analyse and illustrate engagement
  • Social media & Mailchimp integration to maximise reach
  • Fully responsive design - mobile and tablet friendly
  • Survey mode to collect input using tablets on the ground
  • News function to keep communities engaged and updated
  • Website landing page to explain why people should contribute
  • Ability to respond directly to comments on the platform


  • Understand level of engagement and best methods of engagement
  • Build trust with local community through transparency and openness
  • Reduce risk through pre-planning engagement and enhanced transparency
  • Maximise engagement through use of digital tools
  • Reduce administration with real time reporting and exportable reports
  • Reach beyond usual demographic; inclusive of time-poor younger tech-savvy audience
  • More engaging, visually stimulating and easy to use tools
  • Single online portal to consolidation all consultation
  • Enhance traditional consultation methods by reaching larger number of contributors
  • Robust data / industry leader / scalable service


£3000 to £80000 per licence per year

Service documents


G-Cloud 11

Service ID

8 4 3 2 7 8 2 3 1 0 2 4 7 1 0


Commonplace Digital Ltd.

Glenn Brawn

07968 342274

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
System requirements
  • Internet connection
  • Web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 48 hours - or sooner
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Commonplace offers comprehensive and unlimited technical support to our users via a dedicated Customer Success Manager.

We offer additional branding and marketing support to our customers at an additional cost.

Regular reviews in person and over the phone are offered to our customers to make sure they can use the platform to maximum efficiency.
Support available to third parties

Onboarding and offboarding

Getting started
We provide comprehensive onboarding of our customers once their account has been enabled. This includes training, online support, and onboarding documentation.

For an additional cost, customers have the option of using a dedicated Customer Success & Onboarding Manager to build their Commonplace for them.
Service documentation
End-of-contract data extraction
All project data can be exported and downloaded in a .CSV file. Infographics can be supplied on request at a supplementary cost.
End-of-contract process
At the end of the contract term the customers will have the option to renew the licence for continued administrative functionality and support.

Should the contract not be renewed, the customer’s front-end Commonplace website will stay active and externally visible for public reference. The website will then be closed for consultation.

The back office public engagement data will continue to be accessible by the customer after the contract expiration for a reasonable period in relation to the purpose of the project and intended use of the data.

The customer will become the acting 'data controller' for any downloaded public engagement information and the customer must responsibly manage this data, in-line with data privacy and GDPR regulations.

Commonplace will remove any personal data references on the online platform, within a 'reasonable time' after the contract expiration, in-line with data privacy and GDPR regulations through pseudo-randomisation and public contributions will be disassociated.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The Commonplace user interface is fully responsive. It's mobile and tablet friendly.
Service interface
What users can and can't do using the API
Publically made comments can be queried using a JSON.
API documentation
API sandbox or test environment
Customisation available
Description of customisation
Users can customise colours, font, and content.


Independence of resources
App is distributed across multiple availability zones with a load balancer. The app will auto-scale based on CPU usage.


Service usage metrics
Metrics types
Platform: Engagement, Demographics, Sentiment, Repeat Visitors, Time of Use and Source of Participation.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Through their engagement dashboard.
Data export formats
Data import formats
  • CSV
  • Other
Other data import formats
  • Video embedding: MP4, YouTube, Vimeo and other standard industry formats
  • Jpg
  • Png
  • Gif
  • Pdf

Data-in-transit protection

Data protection between buyer and supplier networks
Other protection between networks
Public facing software
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Approach to resilience
App distributed across multiple locations
Outage reporting
Email alerts

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Access to platform is restricted based on user permissions.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Our infrastructure is designed with best practices - multiple layers of security, isolated environments, isolated VPC's with private subnets, encryption.
Information security policies and processes
Machines locked when not in use.
Laptops are encrypted and personal customer data is removed.
Username/passwords are stored in a password manager.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All changes to infrastructure are tested in a development environment before being rolled out to production. Infrastructure is written as code, and is tracked and reviewed through our source control.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Security patches applied regularly and software libraries are kept up to date.
Any patches or fixes can be applied quickly to resolve the issue.
Log files are reviewed for signs of unusual traffic and malicious code.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Technical team are alerted to any errors. Logs are analysed to determine severity of error, and team respond accordingly.
Incident management type
Supplier-defined controls
Incident management approach
Users can report incidents through our support email. An on-call support person can evaluate issue and escalate to technical team.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£3000 to £80000 per licence per year
Discount for educational organisations
Free trial available

Service documents

Return to top ↑