FAQs
Last updated
Last updated
Our timetable is compatible with screen readers such as the Apple iPhone screen reader.
You might receive an error like this stating that the Timetable's API call to our Platform has been blocked:
If you receive a message like this, we recommend verifying that your API key is correctly included and properly used in the API call.
Yes we can, but this requires some custom work on our side. Please get in touch with us so we can understand what your requirements and provide you with a quote for the work.
We are unable to currently display this in the Facilities Timetable. However, there are workarounds such as including this information in the description, so please share your requirements with us and we will assist you in the best way possible.
Yes, the button should function as a deep-link taking the user directly to their chosen session.
For Gladstone Connect, if the user isn't logged in, it will take them to the Gladstone log-in page and then, once logged-in, it should take the user automatically to the relevant page within Gladstone.
For Gladstone GO, the user will land on the specific page, ready to add to the basket, without needing to log-in first.
We have completed the work to ensure the Sessions Timetable can deep-link into GO Book. However, one remaining task is to enable deep-linking from the Facilities Timetable into Gladstone GO. In the meantime, if you're still using the Connect module, members can can login and book in the usual way.
At present, we exclusively use Stripe as our payment gateway, though this may change in the future. Stripe is known for its ease of setup and use, and feedback from finance teams we've worked with highlights its user-friendly interface and robust security.
Your DPO may have questions to do with data privacy and security for the Live Timetables. Below are some helpful answers to common questions from a DPO.
Your open data feed should contain no personal data as it is simply showing activity data such as time, price, location of an activity.
Your open data feed is published using a creative commons CCby4 licence. This means that it can be used by anyone for any purpose so long as they attribute it to your organisation.
There are no restrictions on storage of this data other than respecting your wishes for it to be deleted, which happens automatically. For example, when you cancel a session within your booking system, it will be removed from your open data feed and, therefore, we must remove it from our end, wholesale.
Please refer to our subprocessor's list, privacy policy and security/compliance information.
All of our subprocessors are in the EU, and for those that aren’t, we ensure we have Standard Contractual Clauses signed and documented to ensure data compliance equivalence.
We regularly store data related to payments and transactions in the form of:
The logging procedures of product for reporting, de-bugging; and
Alerting internal team members (e.g. via Slack).
We are required to store this information because:
In the event of an issue or where we are required to manually cancel or issue refunds, we need a history of bookings and transactions;
In the event of a dispute, we need certain information about a booking; and
In accordance with UK laws, financial transaction history must be stored for a certain period of time.
It is possible to store your unique API key in a CMS like WordPress or a custom implementation so that it is not hard coded into your codebase. You can do this by retrieving the API key from a database table or configuration and assigning it to the apiKey variable.
The example code snippet below, which is specifically intended for WordPress, retrieves the imin_api_key from the options table and assigns it to the apiKey variable:
The above snippet only works for WordPress.
It uses the ternary operator to ensure that if no API key is found, the apiKey is set to an empty string. In this instance:
get_field('imin_api_key', 'option') retrieves the API key stored in the options (make sure this key is properly set in your configuration); and
? : (the ternary operator) checks whether the API key exists:
If it is found, it outputs the key wrapped in single quotes.
If it is not found, it assigns an empty string.
Although the key is wrapped in single quotes, be cautious when outputting sensitive information directly into JavaScript or the frontend. Consider additional security measures such as environment variables or server-side handling.
The empty string ('') is used as a fallback if no key is present. Ensure this does not lead to unexpected behavior in the application (e.g. failed API requests).
For further information on using your imin API key, please refer to our Authentication page.
Yes. The scripts for both the Sessions and Facilities Timetable code includes the information required for the iframes to have title attributes to cater for accessibility requirements. This will allow you to add alt-text to your timetables.
