The Access Group

Access thankQ CRM

Access thankQ CRM is a user friendly and modular Contact Relationship Management solution which caters for non-profit, education and membership organisations. It addresses Marketing and Communications, Grant Awarding, Income / Donation Processing, Gift Aid, Volunteer Management and Event Management.

Features

  • Intuitive design for ease of navigation, searching and reporting
  • Standard modules for membership, fundraising and event management
  • Website integration via online portal, API or widgets
  • Integrated Social Media inc. Twitter and Facebook listening
  • Two-way bulk email integration with Mailchimp, Dotmailer
  • Income handling includes integrated Gift Aid management
  • Grant Awards module covers applications and awards, monitoring and evaluation
  • Integrated merchandise, ticketing and EPOS options for front of house
  • Microsoft Office integration for simple filing of correspondence

Benefits

  • Non-technical searching and reporting (on all fields) including map view

Pricing

£1100 to £500000 per instance per year

Service documents

G-Cloud 9

954414942864413

The Access Group

Richard Gyles

01206322575,3,2252

Richard.Gyles@theaccessgroup.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Community cloud
Service constraints None
System requirements Internet Access via supported browsers (html5 enabled)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times P1 (critical). For tickets logged by telephone = immediate response, logged by other means = response within 1 working hour. Updates: hourly unless agreed otherwise. P2 (high). Response: Within 1 hour. Updated to senior support staff within 3½ hours, updated at least every 8 working hours Updates: 4 hourly unless agreed otherwise. P3 (normal). Response: Within 4 hours. Updates: Update client at least every other day and where the severity demands and is agreed, up to every 4 working hours P4 (low). Response: Within 4 hours. Updates: every 4 days unless agreed otherwise
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Support levels covered as part of annual fee are: P1 (critical) - For tickets logged by telephone, immediate response, for tickets logged by other means, response within 1 working hour. Tickets transferred to a product expert within 1 working hour.
P2 (high) - For tickets logged by telephone, immediate response, for tickets logged by other means, response within 1 working hour. Tickets transferred to a product expert within 1 working hour.
P3 (normal) - For tickets logged via the Call Management Centre a response will be given within 2 working hours by a product specialist. For tickets logged via email a response will be given within 3 working hours by a product specialist.For tickets logged via telephone a response will be given immediately and assigned to a product specialist within 4 working hours.
P4 (low) - For tickets logged via the Call Management Centre a response will be given within 4 working hours by a product specialist. For tickets logged via email a response will be given within 4 working hours by a product specialist. For tickets logged via telephone a response will be given immediately and assigned to a product specialist within 6 working hours.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started At the start of the implementation Access will appoint a Lead Consultant that will be assigned to your project. The Lead Consultant will provide an on-site visit t outline the project and will remain a point of contact throughout the implementation. To support the implementation Access also provide a named On-Boarding consultant who works closely with the Lead Consultant. They will ensure that the project is progressing and provide a secondary contact who is office based and can be contacted at any time. Access provide as part of any implementation a comprehensive range of services available directly from Access UK. Services that Access can provide as part of the implementation stage are: • Project Management • Data Conversion • Education and Training • Consultancy • Technical Consultancy • User acceptance Testing support • Account Management • Help Videos
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats MS Word
End-of-contract data extraction The client will receive a back up of their data following the end of the contract.
End-of-contract process At the end of the contract, and if the subscription fee is not renewed, the customer can extract the data into a given format (normally Excel or SQL backup). Support can be provided to extract data on a time and materials basis. Data is then deleted 90 days after your subscription end date.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service ThankQ mobile provides streamlined functions to enable users to search and locate contacts and update notes following onsite meetings.
However, all key functions in thankQ CRM can be used on iPad mini or similar sized Android devices.
Accessibility standards None or don’t know
Description of accessibility Buttons and non-text content have text alternatives which can be used with screen-readers.
Accessibility testing ThankQ was the first application at use at the BBC (within Children in Need) to pass the assessment as issued by their technology team.
API Yes
What users can and can't do using the API ThankQ CRM provides a REST API allowing web integration and self service.

The API has all key features of the system available as standard.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Using the in application configurator, trained users will be able to relabel data fields, add new data fields and create new data tabs.

We also have a Professional Services team that can be used to configure the thankQ application.

Scaling

Scaling
Independence of resources ThankQ CRM can be hosted using ALTO. This is a load-balanced service,which monitors the web servers continuously and will dynamically reassign requests if one of these servers crashes.

Analytics

Analytics
Service usage metrics Yes
Metrics types ThankQ has a comprehensive range of standard reports, metrics and KPI reports, which can be added to or modified by the customer to suit their needs.
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Information from thankQ CRM can be easily exported directly from the system, through a standard suite of reports and export formats. Many of our customers simply export to Excel, CSV or PDF file.
Data export formats
  • CSV
  • Other
Other data export formats
  • TXT
  • Excel
  • XML
Data import formats
  • CSV
  • Other
Other data import formats Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We will use commercially reasonable efforts to make the software available 24 hours a day, seven days a week, except for unavailability during emergency or routine maintenance. Our monthly availability has not dropped below 99.8% in any 4 week period in the last 12 months
Approach to resilience We operate a dual active-passive environment and all hardware components are provided at N+2 level or greater. More details are available on request.
Outage reporting Users can subscribe to email alerts giving updates on scheduled maintenance and outages. At any time a user can view the status dashboard on a webpage.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels We operate role profile based Access Control - based on least privilege access. This applies to all our services.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ISOQAR
ISO/IEC 27001 accreditation date 01/09/2014
What the ISO/IEC 27001 doesn’t cover Nothing is excluded from the standard ISO 27001 certificate
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes All controls included within Annex A of the ISO27001:2013 standard. Statement Of Applicability (SOA) available on request.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach All change management is undertaken in line with ISO27001:2013 using JIRA for audit purposes.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Patched and audited by our patch management system. All non-critical OS patches are applied within one calendar month of release, first into pre-production and then into production, as part of the scheduled maintenance window. AV Updates - Signatures are updated hourly. / Rules are reviewed at minimum every 3 months. Logs are reviewed at minimum every 3 months. Access staff responsible for the maintenance of our hosting services subscribe to industry newsletters, belong to various security forums and we additionally receive notifications from our vendors.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach We have traffic monitoring and content based alerting which alerts on changes to the site and/or traffic flows implemented at infrastructure and application level. We proactively monitor third party suppliers (hardware, OS, application/web and database server software) vulnerability reporting and security fix availability. Any vulnerabilities found and fixes provided by third party suppliers are patched by our infrastructure team in a timescale appropriate for their level of severity. Any penetration test findings are fixed by Development in a timescale appropriate for their level of severity. Our infrastructure response is within 1 hour in the SLA period 8am-8pm Monday – Friday.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We operate a robust incident management process in line with ISO27001:2013 Staff are encouraged to report all incidents using a pre-defined process using a form available on our Company Collaborate site Incident reports will be provided following forensics and closure.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £1100 to £500000 per instance per year
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑