PlotBox is a cloud software and digital mapping solution for cemeteries and crematoria, providing three main services; Data Migration, Cemetery mapping solutions, and Software implementation. All records can be digitally linked to GPS plot locations within the software, which you can then use to manage your operations, finance and reporting.
- Burial and cremation booking schedule.
- Deeds management including transfer of plot ownership.
- GIS mapping platform and iPad app (incl. columbarium mapping capabilities)
- Finance module including integration with accounting packages.
- Memorial permits management.
- Document management.
- Funeral Director and Memorial Masons Portals.
- Real-time reporting from anywhere on any device.
- Customisable user dashboard.
- Public facing website for genealogy searches and flower deliveries.
- Access to ALL your data in the ONE place.
- Access to information from anywhere on any device.
- GIS plot location data accurate to 1 inch.
- Plot locations interactively linked to deceased and deed owner records.
- Highly configurable software to fit your needs.
- Record activity log for audit trail to track user activity.
- Enjoy time savings of between 50%-70%.
- Free upgrades.
- Online support with average response time of under 5 minutes.
£7500 per instance
- Free trial available
PlotBox (GSS (NI) Limited)
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
We operate a full in app support service during UK business hours (Monday - Friday 9am to 5pm). These can be extended on request. Outside of the standard support hours we have email support available.
We aim to be operational and available 24x7.
|Email or online ticketing support||Email or online ticketing|
|Support response times||
In-App instant messaging service is available with options to create a ticket from within the application. The current median response time is 3 minutes.
We do not offer support outside of normal business hours as standard but we can do upon request.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), 7 days a week|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), 7 days a week|
|Web chat support accessibility standard||None or don’t know|
|How the web chat support is accessible||Our in-app messaging service allows our users to quickly tap a button on the screen and start a live conversation with one of our support agents. The service allows us to send the users attachments, images, videos, emojis, gifs etc. to create a human support experience with the customer and give them an immediate response to their issue. The service also allows the user to scroll through a history of their conversations with us. There is an integrated searchable help center that they can access via the messenging service, this center is packed with guides, FAQs, articles etc. to help the user solve the issue on their own. Users can also receive automated messages giving them update notes as and when they are released to their site. If a user misses a message due to being offline they will also receive an email with our response.|
|Web chat accessibility testing||None|
|Onsite support||Yes, at extra cost|
We provide the same level of support to all users currently, each customer pays for support on a “per user” basis.
Each customer is provided with a technical account manager that can help through any issues the user may have in regards to the cloud service we are providing to them.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||In order to get up and running we first consult with a Super User to get the site configured to meet their needs (i.e. document templates, fees, users etc.). We will then provide a series of online training supported with user documentation to introduce users to the functionality and to undertake checks of their data and report back any issues. Before 'go-live' we will usually carry out an onsite visit for additional training and support (depending on the size of the organisation this could be anything from 1 day to 1 week). We encourage users to get up to speed by providing a training activity plan for each user and we will alert our point of contact within the organisation if there are users who are not participating as they should. To support the training process, at all stages of implementation users can ask queries via an in-app message service where they will receive a response in under 5 minutes.|
|End-of-contract data extraction||Within the system users have the ability to export data in csv format at any time. Additionally at the end of a contract we will provide your data in a tabular format by our data team. Specific requests from the data team outside the standard format is available on a time charged basis.|
|End-of-contract process||The end of contract process is covered in the detail of the PlotBox Terms and Conditions document uploaded. At the end of the contract process we would provide you with a flat table structure of your data. Any requests outside our usual data format may be charged at a time and materials rate of £500 per day.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||All features available on the desktop application are available on mobile. The system uses responsive design techniques to optimise the display according to the device in use.|
|Accessibility standards||None or don’t know|
|Description of accessibility||We are in the process of getting an WCAG 2.0 A compatibility audit.|
|Accessibility testing||We are in the process of getting an WCAG 2.0 A compatibility audit.|
|Description of customisation||
PlotBox offers customisation through configuration. Throughout the system there are configurable system settings that allow you to determine how PlotBox deals with specific cases. These include:
- Currency Settings
- Date/Time Settings
- Customisable Document templates
- User defined PickLists and data items
- Customisable Mapping Layers
PlotBox uses role based authorisation to determine who can make specific changes.
|Independence of resources||
PlotBox uses a clustered architecture that makes uses of autoscaling of cloud resources to respond to the demand on the service. Modules are loosely coupled to ensure that availability in one module will not impact others.
We use extensive monitoring an logging to proactively manage our infrastructure.
|Service usage metrics||Yes|
We provide a large amount of metrics about the usage of the product across all aspects of your business including:
- Sales over time periods, users, locations etc
- Burials/Cremations over time periods, by location, type etc
- Tasks/Work items over time period, user, locations, types etc
- Events over time period, user, locations, types etc
|Reporting types||Real-time dashboards|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||Less than once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Users have the ability and option to extract data in a number of formats including csv, json and excel.|
|Data export formats||
|Other data export formats||JSON|
|Data import formats||
|Other data import formats||JSON|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
PlotBox shall use reasonable commercial efforts to ensure that the Software is available to you at least 95% of the time in any calendar month during the Subscription Term, excluding Scheduled Downtime and Maintenance. If it is not, you may be eligible to receive Service Credits.
"Downtime" means a period of time when the PlotBox system cannot be accessed due to a problem with the server.
”Emergency Downtime"means those times where PlotBox becomes aware of a vulnerability which, based on a risk assessment of the vulnerability, PlotBox deems to require immediate remediation and, as a result, the PlotBox system is made temporarily unavailable in order for PlotBox to address the vulnerability. Emergency Downtime is not considered Downtime for purposes of the SLA, and will not be counted towards any Downtime Periods."Service Credit" may be provided upon request.
|Approach to resilience||Available on request|
In order to communicate outages we have:
- Public, externally hosted dashboard
- Externally hosted alerting (email and SMS)
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||PlotBox uses role based authorisation to determine the access levels a specific user has. These can be defined and modified in the application by admin users.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||
We have a named senior manager responsible for the Security Policy across the group. Security is discussed and given focus at board level.
The CTO is responsible for ensuring our security framework standards are adhered to and followed across the company.
|Information security policies and processes||Included in SLA|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
All software, software configuration, hardware configuration and documentation artefacts are tracked via version control management software. Users permissions to modify artefacts are control using role based authorisation and all changes are logged and can be tracked back to the change control request that initiated the change.
We use a mix of automated static analysis and peer review to ensure changes comply with strict secure programming and hardening best practice.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
We have a dedicated security team, ultimately responsible to the CTO, that continuously monitors and responds to potential vulnerabilities. We used automated security patching as a default with a aggressive security update policy.
In addition our selected cloud provider Microsoft Azure conforms to several industry standards.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
We employ protective monitoring across all layers of the stack including network level monitoring, access monitoring, user monitoring and application level monitoring. All activity is logged and monitored with any suspicious activity alerting to a dedicated and centralised response team. The response team will assess the alert to determine if there is a compromise, if found they will immediately initiate a documented and reviews response policy that details the actions dependant on the category of compromise.
In addition our selected cloud provider Microsoft Azure conforms to several industry standards.
|Incident management type||Supplier-defined controls|
|Incident management approach||
We have a full disaster recovery plan that is documented, reviewed and role played at least once a year.
Incidents can be reported to our HelpDesk by in app messaging, email or phone. All incidents are recorded and tracked via incident management software which allows clients to keep track of progress and updates.
Our standard incident management process is detailed the the accompanying SLA.
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£7500 per instance|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||This is decided on a case by case basis.|
|Pricing document||View uploaded document|
|Terms and conditions document||View uploaded document|