Time to Spare

Time to Spare

Time to Spare provides a platform to voluntary and community organisations to manage data and to safely share aggregated and anonymised reports of the work they do with funders and public bodies.


  • Outlook integration
  • Eventbrite integration
  • SurveyMonkey integration for impact surveys
  • Real time reporting of impact and user data
  • Intelligent recommendations for VCS services
  • One-click GDPR Subject Access response
  • Shareable events calendar


  • See more clearly what VCS organisations are doing
  • Improve security of VCS data
  • Encourage collaboration between community organisations
  • Better discovery of community services
  • Easier monitoring of funded charities/community groups


£0 to £1250 per licence per month

Service documents


G-Cloud 11

Service ID

9 7 6 9 2 5 0 3 6 8 0 2 6 5 4


Time to Spare

Tom Neill



Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
System requirements
Access to the internet

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 1 working day.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
We use Userlike for our live chat system. Users can chat directly or can switch to email.
Web chat accessibility testing
Onsite support
Yes, at extra cost
Support levels
We offer on-boarding support at a cost of £600 per day. We give 2 free days of support at our "major institution" price package.
Support available to third parties

Onboarding and offboarding

Getting started
We can provide onboarding support and onsite tech training for VCS organisations.

We have documentation on our website and provide free email and chat support to VCS organisations.
Service documentation
Documentation formats
End-of-contract data extraction
When the contract ends, we will allow users to extract their own data in a csv or JSON file.
End-of-contract process
Data export is free.

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
It can be difficult to view the live reports on mobile.
Service interface
What users can and can't do using the API
Currently our API is only accessible through Zapier. Users can update contact records and add events.
API documentation
API sandbox or test environment
Customisation available
Description of customisation
Users can create custom groups of organisations that they are interested in viewing statistics and reports from.


Independence of resources
We have a serverless set up and our database is almost infinitely scalable.


Service usage metrics
Metrics types
We provide metrics on the usage of the services run by different voluntary and community organisations.

We give aggregated information on location, demographics, retention and more.
Reporting types
Real-time dashboards


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
Less than once a year
Penetration testing approach
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Certain parts of data is easy to export via CSV in the interface. The rest requires an email to support.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We do not guarantee any level of availability
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
Our management interfaces and support channels are hosted and managed on Google Cloud. We use their authentication to ensure access is restricted.
Access restriction testing frequency
Less than once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
We take security very seriously and all members of our small team are very clear of the steps we need to take to ensure data is kept securely.
Information security policies and processes
We maintain a detailed breach policy available on request and ensure that we are fully GDPR compliant.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We maintain an active list of our subprocessors and dependencies and proactively fix problems with them.
Vulnerability management type
Vulnerability management approach
We deploy patches to our services as quickly as possible when we are made aware of them or discover them internally.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We are currently looking at ways to improve our protective monitoring processes.
Incident management type
Supplier-defined controls
Incident management approach
We have a full breach policy available on request or on our website.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£0 to £1250 per licence per month
Discount for educational organisations
Free trial available
Description of free trial
We offer our service for free for organisations that are interested in using the platform solely as an internal tool and have less than 5 users.
Link to free trial

Service documents

Return to top ↑