Questions and Answer: RFP/2013/565
Request for Proposals for the Provision of Global Donation
Solutions
Questions
Answers
Technical Related Questions
1. With the understanding that the Global
Donation Solution will enhance and
streamline the already existing UNHCR
platforms with a larger scope of deployment.
What volume of legacy data should be
considered?
From January 2012 till October 2013 UNHCR
International only had 25,465 settled donations.
2. Does the UNHCR have forecast data
estimation in terms of the usage of the
future Global Donation Solution? Such as
number of concurrent users, number of
donators, number of donations per month
and at peak hours?
The number of donators is showing significant
growth year on year, for example the growth of
number of donors from 2012 – 2013 is around 243%
for single donors.
We should expect a much higher number if the
platform will be used by other UNHCR offices
We estimate for total number of donors for 2013 to
be around 10,000
Average donations per month currently range from
500 to 3,000
As we experience and respond to Emergency
fundraising appeals – we need to be able to scale up
and down in relation to expected traffic – and this
will be hard to predict.
Looking to the future, we need to have a system
that is robust enough to allow these numbers to
grow in large percentage increases.
3. Could you give us an indication of the
present conversion rates?
Present conversion rates from donation landing
pages is around 0.25%
4. Does the UNHCR has a preferred Project
Methodology or is the provider requested to
bring its own Project Methodology?
We would prefer an agile and thorough approach
that is understood and used by the provider. It
needs to be suitable and accessible for use of
UNHCR staff.
5. Will the selected bidder expected to bring its
own developed Donation Platform or will it
Ideally we would like the bidder to bring their own
donation platform system, however we would be
play the role of a Service Provider that will
define and bring together a best of breeds
platform built from different providers.
happy to consider custom solutions built from
different providers.
6. Is the Global Donation Solution aimed at
encompass
a
Donator
Relationship
Management part?
The global donation solution will need to be
integrated with UNHCR Offices CRM (such as
Salesforce, ROI etc.) to enable best donor
relationship management and increase donor
retention.
7. Is there an approximate estimation as to the
maximum level of concurrent users?
In terms of concurrent visitors to the donation pages
UNHCR would want a platform to be able to handle
a huge number of donations being made at the
same time as often happens when there is an
emergency
8. What would be brief roles and
responsibilities of the "Focal Point to lead
collaboration with the UNHCR regional
teams/ Global Project Managers" and where
is this person expected to be located out of?
This role is to assist in the co-ordination and
technical development of any new system to global
UNHCR teams. To include any technical assistance
and training needed.
9. The Expected Role of the Bidder: Similarly,
the bidder will be asked to assist the UNHCR
team with the transfer of applicable
functional and technical knowledge to
UNHCR resources. When, where and how
often would this be required to be done?
Full technical handover notes to be delivered,
including full user guides and manuals on
completion of project.
This system will be accessed and used by different
internal UNHCR regional staff – this role will need to
make sure each team is effectively communicated
with, and assisted in relation to rolling out the
project.
Full training to regional and HQ teams. More
training as and when updates are made to the
system.
Service team to be on hand to answer any questions
and help out with queries
Any other as suggested by supplier that you think
we will need to operate system.
10. Apart from possible technical reasons, what
are the instances when donations are
rejected?
UNHCR is not aware on non-technical reasons why
donations are rejected.
Currently, reasons for rejected donations are just
technical i.e. suspected fraud, details entered
incorrectly, address and cc details are not the same,
etc.
11. Could you please explain single step and
multi-step donation process
A single step donation process is when both
personal and bank details are on the same page.
For example: donate.unhcr.org
A multi-step donation process is when personal
details and bank details are on two separate pages thus two steps to donate.
For example:
https://www.oxfam.org.uk/pdd/Default.aspx?sID=1
01&amount=2
12. Please provide details of your campaign and
tracking requirements. What sort of social
media campaign requirements would you
have?
UNHCR requires being able to add on donation
pages (including confirmation pages) java script.
Specifically Google Tag Manager scripts as well as ad
hoc scripts such us doubleclick ad serving tracking,
Salesforce (or other databases) integration scripts
etc. Please refer to page 8 of the Annex A of TOR
UNHCR also required being able to include on the
donation pages the option for users to share the
specific donation pages on social media sites such as
Facebook and Twitter and include a custom pre-set
message - such as ‘I have just made a donation to
UNHCR Philippines Emergency’.
Because the requirements are for a platform that
supports multi languages donation pages the social
share should support multiple languages and the
option to share the specific page where the
donation was made and not a pre –set donation
page only.
13. Where is the current UNHCR International
solution hosted?
Currently we use a custom CMS called Mustard
hosted by Think on Amazon webservers.
14. Could please elaborate on the concept of
single donation and regular donation?
A single donation is a one off electronic payment
made by debit or credit card. There is no storage of
donor bank details.
A regular payment is an automatic deduction from a
debit or credit card. It can be monthly, quarterly or
yearly. The payment gateway will store the donor
bank details. Different countries offer different
options for regular donations. In the UK for example
is referred as direct debit.
15. What sort of local payment methods are
applicable? Please provide the list and
details of each payment gateway (Local and
Global)
UNHCR requires the Global Donation System to be
integrated with a global payment gateway which
can process payments in multiple currencies and
multiple local cards. The local payment methods will
depend on the country where the donation is made.
Examples of PCI compliant third party country
specific/currency/payment gateways are IATS,
Worldpay, SagePay, Global Collect etc.
UNHCR is currently using as payment gateway
Worldpay Business Gateway but is open to consider
different global payment gateways whether
recommended by the bidder.
16. Please explain the need for non-UTF8
characters for database. Are there any input
screens for this? How many such screens are
there and process?
UNHCR requires being able to create donation pages
in multiple languages such as Arabic, Dutch and
Korean. The Global Donation Solution and the
payment gateway used must be able to support non
UTF-8 characters so that donor data can be stored
correctly.
17. Have you done any previous information
architecture exercise earlier? Do you have
the creatives ready for the site?
None for any new system.
18. What would be the location of the
implementation? Do you need a globally
distributed team for roll out or requirement
analysis?
Implementation will be most likely in London and/or
Geneva.
19. Please provide details of offline processing
required.
Capture of banking data for offline processing
(direct debits) – these will need to be
bespoke/flexible and be suitable for multiple
international markets also Gift Aid for UK.
20. Please provide requirement for secure data
storage and transmission.
Please refer to page 9 of the Annex A of TOR for
details
21. Please provide details about gift prompts.
For gift prompts UNHCR refers to being able to
choose from the donation platform CMS different
donation amounts to display on the donation pages
and choose between having amount only or amount
plus image and description of what the gift can be
used for.
However, please look through our current website
and donation pages for IA (donate.unhcr.org)
22. Please provide details of 3rd party Address
database and International databases for
telephone and address validation
UNHCR requires the global donation system to be
integrated with an international post code finder
which will enable to validate donor postal address
and ensure donor data is accurate. An example of
3rd party address and international telephone and
address validation is Postcode Anywhere
23. How many languages are required?
UNHCR requires the global donation solution to
support the al least following languages:










24. Please provide print requirements - receipt
print.
English
Spanish
Portuguese
Arabic
French
Dutch
Swedish
Chinese (simplified and traditional)
Japanese
Indian
In UNHCR offices registered as non-for profit (such
as UK, US, Canada) online donations are tax
deductable and the donors requires a printed
receipt of the donation made as a proof for the tax
relief.
UNHCR requires that the donation system also
enables donors to receive a printable receipts of the
donations they made
25. Is there a preferred email service provider
UNHCR is using currently? If so please
provide details.
UNHCR International and some of the other offices
are using as email provider Exact Target
26. Please provide details of requirements for
customizable copy and email html/text for
individual donation landing pages. How
many categories are there?
UNHCR would like to be able to customize the copy
and the html of the confirmation emails sent to
donors once the payment is completed. Ideally
UNHCR would like to personalize the email copy
with the donor name and donation amount as well
as the description of the product/theme of the
donation page.
UNHCR has different donation pages for different
crisis
such
as
donate.unhcr.org/Syria,
donate.unhcr.org/Philippines etc.
Ideally UNHCR would like to be able to have
different confirmation emails for each of the
donation theme or at least to be able to customize
the copy of the email to refer to the theme of the
donation page.
27. How many page templates are required?
UNHCR would like to have multiple templates (2-3
as standard templates) and be able to create new
custom templates when required.
28. By Mobility, can we assume responsive
design? Do you have any Mobileapp
requirement?
UNHCR requires the donation pages as well as the
payment process to be mobile responsive. We don’t
have mobile app requirements but we would
welcome recommendations from the bidder on
developing mobile app to make easy and quick
donations via mobile phones and tablets.
29. Please provide details of your publishing
workflow process.
There is no publishing workflow implemented in the
current CMS, donation pages are published when
they are saved by the system. A workflow system
where donation pages can go to a staging/test area
for approval prior to going live would be preferable.
30. Please explain the requirement "Ability to
add multiple opt-in" selection for data
protection.
For example simple ‘opt in’ versions for contacting
donor again through multiple channels i.e.: phone
number, email, mobile, address or language opt in’s
for further communication as above.
31. Could you please specify what will be the
scope in terms of effort or FTEs/Geo for the
24hr helpdesk?
Full specifications will be required on appointment
of supplier – the following is a basic guide only.

Agile and expert technical support and full
prioritisation processes for bug fixes and technical
queries

Automated
and
fully
documented
process/procedure for error monitoring and logging
24 hour support desk on request (for larger appeals
and campaigns)
32. To display country-specific payment
methods requires details. For example:
When a donor from China accesses the
UNHCR International site, the system would
need to display the available payment
methods specific to China.
UNHCR is not able to provide a detailed list of local
supported payment system – these are normally
provided by the payment gateway.
Could you please provide us the detailed list
of rules - like "PCI Compliant" supported
payment methods - needed to verify prior to
displaying the local specific payment
methods.
33. Kindly list the details about all databases
currently being used (donor databases) and
which Operating System environment are
they running on.
UNHCR offices use different databases - we don’t
have a full list of names and OS environment.
34. Please provide details on the browsers and
versions that the donation system needs to
support and the browsers and versions it
currently supports.
Front end support for:
UNHCR International and some other UNHCR
offices use Salesforce. However, UNHCR requires
the donation system to have the capacity of
integrating with different databases such as
Microsoft CRM, ROI and others.
Internet Explorer 7+
Firefox 4+
Chrome 10+
Safari 4+
Backend (Admin area) support for:
Internet Explorer 8+
Firefox 17+
Chrome 22+
Safari 6+
35. Does Video upload through CMS need
permanent archival like a specific storage
system or would it be stored in the database
system?
If needed to, how many video files are to be
stored? Is there an upload size restriction?
Videos will be stored on video third-party hosting
services such as YouTube or Vimeo.
36. Please provide information related to
platform, technology used to develop the
existing donation solution at UNHCR
International and also (if possible) at other
UNHCR offices - Australia, Germany, Spain,
Italy.
UNHCR International, UNHCR Gulf, Latin America,
Belgium, Netherland and UK current donation pages
are hosted on a custom CMS called Mustard hosted
by Think Limited.
Other offices use other donation systems. UNHCR is
not able to provide a full list of each office’ systems
and related technology.
37. Do you have any existing middleware in the
landscape? If not, would you be interested
to use open source middleware for
integrating with third party payment
gateways?
UNHCR would be open to using ‘middleware’ to
integrate with alternative/local payment gateways
in different countries.
38. Can you please share the list of real-time
interfaces that are required between Global
Donation System and Payment Gateways?
Normally the Payment Gateway will manage bank
details and have different procedure for processing
the donations.
E.g., Do you have a separate interface for
credit card, debit card, etc., or is there any
Canonical model which comprises all the
details of credit card, debit card, etc. and
represented as a single message for all types
of transactions?
However, UNHCR requires being able to report on
the status of donation s (settled, refused, cancelled),
amount raised, type of donation (regular of single)
the theme/campaign of the page the donation was
made to (Syria, Philippines etc.) and report on donor
personal details (Name, country etc.) UNHCR
doesn’t require to access donors bank details.
Ideally UNHCR would like to offer donors who made
a regular donation with a dedicated link to a
dedicated secure page where the donor can
edit/update their personal and bank details.
39. Google Checkout as third party payment
gateway is announced as "End of Life".
Please see the Google announcement on
https://support.google.com/checkout/sell/a
nswer/3080449. In this case, should we look
at an alternative and what is your
recommendation?
UNHCR welcomes any recommendations for
payment gateways including alternatives to Google
check out to include full integration with Paypal.
40. Concerning "Quick Address" search. Is there
a specific database to integrate with?
UNHCR is currently using (although not live yet) Post
code anywhere. UNHCR is open to other
recommendations but it requires to be an
international post code finder.
41. Could you please indicate what the required
service levels for standard office support
are?
UNHCR will need you to provide your suggestions on
these, we are particularly interested in bug fixes and
any system failures – and turnaround times for
these to be fixed. This is because any system failure
in relation to minutes/hours etc. results in loss of
revenue for us.
We would also like to explore 24hour service level
for above when we are in ‘Emergency’ appeal mode.
42. Is a new website/templates design required
during the implementation of the Donation
Management System?
A new design is not required. Initial templates can
be based off the current design but we expect that
some design work will be required to make the site
mobile responsive.
43. Are only the payment pages of the site in
scope for Google Analytics implementation?
No, also the pages hosted on the CMS as UNHCR
needs to be able to report on traffic referrals, traffic
sources, user profile (country, devices used) and
other info which won’t be available if only tracking
the payment pages.
44. What would be the volume of the scope? i.e.
- how many sites and pages would be in
scope for placement of Google Analytics
identifiers (tags)?
All the donation pages for all UNHCR sites where the
global donation system is used should have Google
Analytics /Google Tag Manager tracking in place.
45. Are the payment gateway pages also to be
placed Google Analytics identifiers (tags)? If
yes, would we have access to payment
gateway pages for tag placement?
It depends on the payment gateway and how the
global solution is integrated with the payment
gateway.
46. Will the language based donation pages be
just different experiences on the same site
or different sites? Will same templates be
used for different language pages with
translation on top?
In general the same donation page template is used
across different sites and languages however
different UNHCR offices might want to create
different templates.
47. What metrics/KPIs and trends need to be
tracked by Google Analytics identifier?
UNHCR is in the process of implementing Google
Tag Manager – this will require custom code to be
installed on the donation pages included the thank
you page.
In general if required access to the payment
gateway can be given by UNHCR.
The different language/country pages would also
want to have individual URL’s, i.e.: donate.unhcr.org
and donate.unrefugees.org
Google Tag Manager code will need to be able to
report on transaction id, page theme/campaign,
page language, UNHCR office, amount donated and
currency, type of donation (single or regular),
frequency of regular payment and potentially other
information from the donation form.
Additional standard GA e-commerce info will also be
tracked such as traffic referrals, source medium,
devices, PPC campaign etc.
48. What kind of custom codes will be needed to
be developed and for tracking of what?
UNHCR would provide custom code that could be
for ad serving tacking or database integration. We
don’t currently have a specific custom code to give
as an example.
49. Of what application would the third party
custom codes be?
It would be for third parties databases such as
Salesforce or ROI or for ad serving tracking.
50. We understand that Donation pages need to
be optimized for Mobile/tablets?
Can you please elaborate on the mobile
platforms in scope for testing?
Smart phones and tablets running iOS, Andriod,
Windows Phone.
51. Does UNHCR have licenses for testing tools
i.e., Test Management, Test Automation and
Performance Tools which can be used for
this particular engagement? If yes, what are
the tools available?
No, UNHCR doesn’t have licenses for such tools.
52. Is there an expectation that a multi-location
performance testing needs to be carried
out?
This is because the applications can
potentially be accessed by multiple people
across various locations.
UNHCR would want the experience of users around
the world to be the same. Performance test may be
needed to ensure this.
53. Will the external systems or stubs available
for performance testing of E2E scenarios?
We do not have any external systems for
performance testing.
54. Would UNHCR be open for external hosting
(like Amazon etc.) of the website/CMS and
Donation Management System and is there
preference for any location for hosting?
The current donation system is hosted on a
combination of Amazon servers and Worldpay
servers.
55. Is Disaster Recovery required? If so, does it
exist today? What is the current/proposed
RPO/RTO?
UNHCR requires the bidder to suggest a disaster
recovery process.
56. Do you have specific DC certification
requirements?
What are the Data Storage/Privacy 
requirements?
Third party providers should operate in accordance
to the following standards

PCI DSS – PCI Security Standards Council -
Location preference would be based on providing
the best possible site performance for the majority
of users.
ISO 270 27001 – International standard for
Information Security Management Systems
https://www.pcisecuritystandards.org/
When banking data is collected the requirements
differ country by country. There is no official
universal standard. The basic requirement is secure
data collection and ensures that the data is stored in
a secure database. Some local requirements may
exist in each market the UK banks require account
validation software to be integrated
Data storage – the third party payment service
provider will secure the payment data on behalf of
the UNHCR.
57. We understand that we need to comply ISO
27001 and PCI DSS standards. Please share
what are the applicable regulatory locations
or other applicable standards which we
would need to support?
Please refer to page 9 of the RFP (Global standard
and Security)
58. Is there an expected frequency
vulnerability assessment required
UNHCR?
for
by
Yes, UNHCR would require a regular vulnerability
assessment but we accept recommendations from
the bidder on frequency.
59. Please confirm if encryption solution is
required to secure the information to and
from databases?
Depending on the different CRM the donation
system will be integrated – different level of
encryption will be required.
60. Does UNHCR have a risk assessment
framework which needs to be followed? On
which industry standard is the risk
assessment framework based on?
UNHCR has several different risk assessment
frameworks depending on the activity.
61. Is there any report\dashboard required for
security reporting?
Currently, our payment provider reports on all
online security risks with online payments.
62. How many transactions do you currently
process, per month, per currency?
Currently we are mostly processing in US dollars, UK
pounds and Euros. This will change when we utilize
the currency aspect of the whole system and
improve this aspect for international donors.
Please advise which industry standard your risk
assessments currently are running to.
At this point UNHCR is not in the position to share
figures of transaction.
63. In which countries will the global solution be
It will be used in the UK, Belgium, the Netherlands,
used? Where will the users be based?
Switzerland, Mexico, Brazil, Emirates.
They will be based in their local country.
64. How many sites will need to be established?
To begin with it will be 7 sites (Uk, International,
Gulf, Belgium, Netherland, International French,
Spanish and Portuguese) but the aim is to have
more UNHCR offices using the same system.
65. Who will need to be trained (F2F, train the
trainer)?
The local digital staff will need to be trained.
66. Can we assume that the solution used by
staff will only work in English?
Yes, your assumption is correct.
67. Who will have access to creating web pages
e.g. one country, role based access?
UNHCR would like to give different permissions to
different staff members.
68. Is there a requirement for data migration, if
so, what data (data type & data amount)?
There would be no need for data migration if the
payment provider is not changed i.e. WorldPay.
If the payment provider changes then we would
need to migrate all data from this system currently
around 100,000 records.
This data consists of all transaction details but not
including credit card (financial) details.
69. Can you confirm that you use Salesforce for
your current CRM and Exact Target for your
bulk Emailer?
Yes, UNHCR International and some other UNHCR
offices use Salesforce as CMS and Exact Target as
email broadcast tool.
However it’s required that the Global Donation
Solution has capacity to integrate with other third
parties databases and email systems as well to meet
other UNHCR offices requirements.
70. What exactly does the
mean? Does this mean
words rather than an
numbers and letters,
friendly?
user friendly URL
it is to consist of
eligible suite of
thus being SEO
Yes, correct. UNHCR requires also the ability to have
for the same donation page multiple friendly URL
and to be able to manually customize the URL.
71. Please explain ability to add 'earmarking'
codes for each payment relevant to UNHCR
fundraising campaigns. What exactly are
'earmarking' codes? Are these to be unique
codes associated to each payment
form/page that UNHCR use to determine
Yes, correct - our codes will look something like
UKEN001
UNHCR needs to be able to identify the language of
the page, the campaign/theme of the page and the
UNHCR office the page is for.
which campaign/payment
payment was processed by?
form/page
a
72. Most UNHCR offices would prefer to have a
payment system that passes data securely to
their in-house databases automatically.
What are these in-house databases? What
types of data would they need passing and
storing - user data, report data etc.?
What levels or methods of Encryption? Realtime or batch processing? What will UNHCR
do with this data?
UNHCR offices use different databases - we don’t
have a full list of names and OS environment.
UNHCR International and some other UNHCR offices
use Salesforce. However, UNHCR requires the
donation system to have the capacity of integrating
with different databases such as Microsoft CRM, ROI
and others.
Each office will have different requirements in terms
of what data would they need to pass and store,
with what level of encryption and whether in real
time or batch processing. The basic general
requirement is that the global donation system has
capacity to integrate with third party databases and
securely pass donor personal info and related
donation information.
UNHCR will then use this info to report on income
and campaign performance and improve donor
relation and retention by sending commercial and
transactional emails.
73. We do not have CMS system but we are a
payment service provider like WorldPay.
Please confirm the RFP for choosing a CMS
system which is connected to payment
gateways.
We are looking to a provider to offer a full CMS
service for our global online donation system – and
also to make recommendations on which payment
provider would be best suited to integrate into this
system.
74. Is there minimum amount of insurance you
require and is there a company that UNHCR
prefers contractors to use?
UNHCR does not specify what insurance company
you should use.
75. We do not have ISO certification. Will
submission of our degrees be acceptable?
Yes, it will be acceptable.
76. While our company can meet all the
Gateway requirements as outlined in the
Terms of Reference, we cannot provide the
CMS and Web development capability that
you need in order to satisfy the web site
requirements for the Global Donations
Solution. We do hope to have the
opportunity to submit a proposal for the
Unfortunately it is not possible to bid for portions of
this project as UNHCR is looking for suppliers who
can provide all services required.
Gateway portion of the project.
Financial Related Questions
77. We can provide you with financial
statements for the last years. However we
are not required to have audited accounts. Is
submission of audited accounts a mandatory
requirement for you? Will a letter from the
accounting firm work instead of audited
accounts?
Kindly provide us with your financial statements for
the period of the last three years. If selected, further
due diligence may be required.
78. Please clarify the applicability of the special
terms and conditions for fundraising to the
scope of engagement for IT services provider
companies.
Both Annex D: UNHCR General Conditions of
Contracts for the Provision of Services and Annex E:
UNHCR Special Conditions for Fundraising Activities
apply to all bidders who submit an offer for
RFP/2013/565.
79. The Vendor Registration Form states to send
it to a separate UNHCR address based in
Hungary. Do we need to send Annex C to
this address as well as include a copy within
the Technical Proposal?
You only need to send your Vendor Registration
Form electronically with your Technical Proposal to
the designated e-mail address whilst submitting
your offer.
80. 'The selected vendor is expected to start to
deliver the core outcomes of the project by
November 2013.' Presumably this deadline is
no longer valid and has been revised?
As written in Annex A, page 4 the services are
expected to begin in the first quarter of 2014.
81. Our company’s business model is built
around collaborating with other coaches to
provide services to our clients. We do not
have employees but we have access to an
excellent team of coaches who come on as
needed in the capacity of sub-contractors.
Will that be acceptable for the purposes of
this project?
Please find the relevant conditions of subcontracting
in Annex D: UNHCR General Conditions of Contracts
for the Provision of Services under section 5.
“Subcontracting”.
82. We already have a contract with UNHCR for
other services. If being awarded for this
project is it possible to include the present
scope of work under said agreement?
As this is a separate requirement a new contract will
be established.