Web development Birmingham

Frequently Asked Questions

1. Why should we use Scorchsoft over another agency?

Our clients use us because of our broad capabilities to successfully deliver complex app and online portal development projects. We have over twelve years of experience in solving all kinds of problems, such as working alongside existing development teams, working with legacy systems to support new app developments, building technically complex features, and bringing together systems, processes and applications with seamless integration.

If you have big ideas, find yourself with complex problems and want the very best from an agency, then Scorchsoft can help.

2. Can you give me a fixed-price quote?

Yes, we can.

Before we begin your project, we work with you to write a detailed project specification and then provide you with a fixed-price quote to deliver the work. This fixed price and specification protects you: you can hold us accountable to deliver exactly what has been put to paper, for that exact cost. No hidden charges, no sneaky fees, everything is clear and concise.

A fixed price and accurate specification may take a commitment of time from yourself and Scorchsoft to reach. Before that commitment is made, you may appreciate a ballpark quote. See below.

Get a free quote >

3. Can you give me a ballpark quote?

Yes, we will always try and give you a ballpark or approximate price as early as possible; normally on your first call or email. Having a rough idea of expected costs as soon as possible helps you to qualify whether what you have in mind is commercially feasible and if you would like to investigate further.

Ballpark estimates are educated guesses based on our experience, so please remember that the actual final cost may go up or down as we take the time to explore your requirements in more detail. The more information you can provide us with about what you need, the more accurate our ballpark estimate is likely to be.

Get a free quote >

4. I’ve got an idea, where do I start?

Talk to us. If you share your idea via this form, one of our team will respond within one working day by email or phone.

If you’d prefer to speak to us right now, call 0121 7240447 and one of the team will talk through your ideas and project.

We never hard sell, all calls are without obligations, and we’re always happy to help.

Tell us about your idea >

Get a free quote >

5. Can you build apps for both iOS and Android?

Yes, most of the apps we make support both iOS and Android mobile platforms. It’s common for people to want their applications to work across web and mobile devices, so we use development frameworks such as React and React native that enable us to quickly support both platforms.

6. Do you build web applications too?

Yes, in fact nearly every mobile app that we build also needs a web based application behind the scenes to drive it. Ever logged into an app? There is a web server in the background, serving the app with data that is checking whether you have permission to log in, or not. 

7. How do you make sure you build what I want, and don’t get it wrong?

We don’t just blindly begin building your requirements; we start by having a meeting to understanding the commercial factors that are driving the need for your project. We want to get to a position very quickly where we know enough to challenge you on the assumptions you’ve made about the features you require.

Once we understand your business, we go to lots of effort at the start of a project to work with you, and scope out your requirements in detail.

You don’t just want us to tell you that we understand your project, we need to prove it to you. This is why we will often create a 10+ page requirements specification, with wireframes where appropriate, before we design a single pixel, or write a line of code.

8. What kind of support will I receive throughout the development process?

You will be assigned a dedicated project manager, who will be your primary point of contact throughout the development process.

All of your requests and questions are managed through our support portal, to ensure we give you a swift response, and your work is prioritised appropriately. We also offer a range of support and maintenance options to ensure we are responsive to your requests after the launch date.

You can read more about our project management process in our answer to "How will you project manage my project (e.g. AGILE, Waterfall, etc)?".

9. Will I own the source code?

Yes, you will be assigned appropriate copyright or licence rights for the bespoke code that we write for your project. We are transparent with intellectual property rights, and you will have the opportunity to review our code ownership terms before the project begins.

10. How do you keep my app and data secure?

Scorchsoft is a Cyber Essentials Certified company:

Frequently Asked Questions - Mobile App Development FAQ's

To ensure a secure service, we do not publicly detail all our security precautions. However, we can provide an overview of some of the steps we take to protect your data:

If you host with us, our data centre is based in London, with dedicated managed servers supplied by VI.net. These data centres are manned with 24/7/365 access via secure procedures. Redundant, meshed Cisco 6500 series routers (true as of 9/2017) with redundant fibres capable of 320Gb/s in total-for-total resilience. Our servers are regularly updated to run the latest software and patches, and the servers themselves have a firewall. 

The back-end server code used to drive your application is configured to run over HTTPS and has a secure SSL certificate installed.

We store passwords as hashed strings using a per-user salt, and in some scenarios, we store some sensitive data using two-way encryption algorithms. Should the worst possible scenario happen, and your data is compromised, the culprit would still need to perform complex decryption for the data to be readable.

The frameworks that we develop within, provide tested security features out-of-the-box. For example, Yii2 and Laravel allow us to escape and sanitise user inputs to protect against SQL injection attacks, XSS, host-header and CSRF exploits, as well as avoiding direct file exposure through protected and restricted directories. Debugging modes are only enabled on test environments, meaning that live servers don’t reveal source code in the event of an error. We also write our own code in special circumstances to build upon the protections provided by such frameworks.

Even with the best development frameworks, it’s possible for developers to make mistakes that pose a security threat accidentally. As a layer of additional security,

we use third-party security software (Codacy) to audit every line of code that we write. Codacy sends the team notifications with each code ‘commit’, alerting us to potential security issues within our system, thus reducing the risk of publishing serious issues.

Public-private keys are used to give developers SSH access into hosted accounts when deploying code, which allows for the secure management of access credentials.

Our standard servers are backed up daily, both on-site via bare-metal backups in the event of a complete server failure, as well as in a secure, redundant, off-site location within the UK. This backup process provides multiple layers of backup redundancy, allowing for the quick and complete recovery of data.

We offer the option to integrate your site or application using a secure content delivery network such as CloudFlare or Akamai. These can provide an extra layer against DDoS attacks while also speeding up the performance of your service. They provide an additional firewall layer, rate limiting, and mask your server’s IP address from those with malicious intent.

Sites that take payment do so via industry-standard PCI-compliant processes.

All of our staff are contractually obligated to follow our security policies and receive training on the latest data security procedures. We regularly sign non-disclosure agreements (NDA), our company headquarters are within lockable facilities, which require fob access and keycode to enter, and are monitored by CCTV.

For enterprise customers we can provide a security and vulnerability audits service, as part of a project’s deployment using Tenable Nessus software.

11. How long will it take to build and launch my app?

Many factors contribute to launching a successful project, and some requirements may result in the project taking longer to develop than others. However, for estimation, a good guide is that a project will typically take one month for every £7,000 (+VAT) of development work.

12. Can you deliver my project quicker?

In some cases yes, in others, no.

Can nine women deliver a baby in one month? This analogy can be applied to tech projects too.

Sometimes, by dedicating more developer resource to a project, it can be completed much faster. But in other situations, we may be restricted by the project, technology or security requirements.

If you have a date requirement, contact us as soon as possible so we can do our very best to meet it.

13. Do you provide ongoing support, maintenance and updates?

Yes, we offer the option to engage us on an ad-hoc basis for support, or have monthly retainer options should you require a more consistent and reliable level of service.

Ad-hoc support can work for projects that need minimal support as to avoid the need for fixed ongoing monthly costs. However, this can be at the expense of responsivity as requests are scheduled based on when our resource is available. 

Most of our clients choose to have at least a small monthly support retainer to get the best responsivity, as dedicated time is scheduled months in advance. If you have a highly technical project with us, then we would recommend opting for a monthly support retainer to cover small ad-hoc changes, improvements, updates and support.

We base our retainer pricing on the amount of development and support hours you need each month. The number of hours that you need depends on many factors such as the size of your project, or the number of new features you are likely to need each month that you’d like to be covered by your retainer arrangement. It’s important to us that you get value-for-money so we’d recommend putting together a nice-to-have list so that your allocation is used each month on value-adding improvements.

Should you have ongoing project requirements beyond the launch of the first version of your website or app, then you may want to consider taking an AGILE approach to your project and have an ongoing retainer arrangement with us that allows us to build, test and deploy larger new features every month. Under this agreement, we would have a retainer allowance which pays for enough time to develop significant new features. At the start of each month, we would agree on the work that is going to form part of the next sprint (i.e. the next 2-4 weeks) and would deliver the work at the end of that period.

Read more about AGILE v.s. Waterfall with our answer to "How will you project manage my project (e.g. AGILE, Waterfall, etc)?".

Clients who favour AGILE, typically understand that we need to perform significant amounts of work over the coming months, but they might not know when they need what feature, or if the requirements will change. It’s common for start-ups to go AGILE, as the way that users engage with the product once it launches can have a significant impact on which features or changes need to be prioritised, or may give light to new high-priority changes that would be difficult to predict before launch.

14. Can I make changes to my app or website after its launched?

Yes, in fact, we highly recommend that you begin by launching the simplest possible version of your vision first and continue to adapt it over time. This staged approach is called launching a "minimum viable product" (MVP). 

The idea behind launching an MVP is that you’ve inevitably made assumptions, and you can’t test these assumptions until you release something to the world. By releasing a lean first version, you can test your assumptions and use this information to decide on the priorities of future requirements. It reduces engineering waste.

We have some options around making future changes to your app or website.

You can either commission us to update your app or website on a project-by-project basis, whereby we specify, quote, schedule and finally deliver a fixed set of requirements as-and-when you need them. Or, we can take an AGILE approach whereby we schedule in a certain amount of developer time each month to constantly improve things for you. Both approaches have merit, and it’s likely that you will know instinctively reading this as to which is right for you.

15. What programming languages and frameworks do you use?

We like to use open source languages wherever possible with HTML, CSS and JavaScript on the front end, and JavaScript or PHP on the back end. We use React Native for most mobile app projects, but will sometimes use Cordova or PhoneGap should we be working within tight budgets or need to support web, Android and iOS quickly.

For web apps, we use frontend layout frameworks such as bootstrap, ant design or material design, in combination with front-end code frameworks such as React or Angular. On the back-end, we usually use a PHP framework such as Laravel or Yii2, or JavaScript using NodeJS

16. You use both PHP and NodeJS, why not only use Node or PHP?

There are no right or wrong languages, and you can achieve small and large projects using either of these technologies.

We consider both PHP and NodeJS when starting any new project, considering the best approach based on the capabilities of the tools that support these technologies.

For example, we may be more likely to use a PHP framework such as laravel for projects that suit a monolithic architecture. And, we may be more likely to use NodeJS for solutions that require us to configure microservices.

17. How do we handle sharing data between web and mobile platforms?

We start by creating a central database that will hold all your data; we then put in place an interface (an API) to allow the web and mobile apps to send and receive this data.

Think of an API as a digital version of a drive-through burger restaurant. If you ask the teller for a burger, then you'll get given one from the kitchen. Ask them for a trampoline and tell you that they don't sell that product. When we build a connection between your web app and your mobile app, we will configure these rules but based on the functionality of your system. 

We’ve written a free eGuide on this topic should you want more information about how the setup works.

18. Can we connect our existing web systems / tools / websites / CRM, etc?

Usually yes. Most modern apps and systems will have an interface like what we described in the last question. Ask the company if they have any “API documentation”, if they do then it is very likely that we will be able to integrate with the system.

We’ve experience connecting with lots of different systems and online tools to drive app functionality - here are a few common ones we’ve worked with: Facebook, Twitter, LinkedIn, Amazon AWS, Salesforce, Google maps, Matchmaker, Broadbean, Google Sheets, PayPal, Stripe, Airtables, Mailchimp, Campaign Monitor, Marketo, Insightly, JT Telecom, SMS Gateway, Worldpay, Sagepay, Mailgun, Xero, Analytics, Youtube, Vimeo and others.

19. I want to take payments, how does this work?

We take payments in-site or in-app using a third-party payment provider such as Worldpay, SagePay, Stripe or PayPal. There are lots of different payment providers out there that we can integrate with, but they typically fall into one of two categories:

  1. Full end-to-end
    Stripe and PayPal fall into the end-to-end category, though there are more providers out there. With this kind of vendor, you use their service, and they handle both the merchant services and fund collection for you and provide you with a dashboard. You have a balance that accrues with every sale and payments are made into your bank account at regular intervals, usually every seven days. End-to-end is the simplest option, for example, Stripe charges 1.4% +20p (at the time of writing) for European cards, and 2.9% +20p for non-European cards.

  2. Merchant services
    SagePay and Worldpay fall into this category, who act as a middle-man between your bank and your website or app. The merchant-in-the-middle charges a fixed price per transaction, and then your bank takes a fixed percentage on top of the merchant services fee. Worldpay, Sagepay and the other merchant service middle-men typically charge 10-20p per transaction and will usually have productised packages based on order volumes.

    With this route you will need to negotiate with your bank about the fees they charge - it’s not uncommon for businesses to shop around the different banks to find the best deal. You will typically be able to achieve between 1-4% depending on the size and nature of your business.

    The largest benefit of the Merchant services approach, is that funds clear directly into your bank account, which may be worth a lot to you if you have a high sales volumes.

The merchant services integration typically requires more development time to support as fewer payment related capabilities are provided out-of-the-box, compared with using an end-to-end provider such as Stripe.

20. Are you able to work with our existing technical / design / marketing team?

Yes, we specialise in highly bespoke projects, and it is common for us to work with existing systems and teams. 

When working closely with other suppliers that are relevant to your business, we aim to build a strong collaborative relationship with a focus on cooperation and support for all of those involved.

If these stakeholders are crucial to the success of the project, then we would recommend arranging a call or meeting with them early on, to explore their ideas and identify how to work around any potential environmental limitations.


21. Do you offer graphic design / interface design services?

Yes, if it’s digital. Most app projects start with creating custom visuals of how the app will look and feel before we start development. 

We begin the design process by discovering the value behind your brand, its image and your business as a whole. Once we understand your requirements and objectives, we can engineer a design that is easy to use and performs for your business. I use the word 'engineer' here as good design is more than just pretty pictures - what we build has to work for you. Often this translates to users that enjoy using the site or app, and implementing processes that are optimised to convert clients.

We'll usually begin the design process by wireframing the various sections of the project, thinking carefully about the user journey throughout the whole process. Once you're happy with the wireframes and specification, we will design sharp-looking mockups demonstrating how your app or website will look once built. You'll be given the opportunity to feed back on the look-and-feel and we won't begin coding it up until you are happy and have signed off on the artwork. 

Effective design and usability are all about continuous improvement based upon how users engage with what we've made. Tools like HotJar allow us to see heat maps and videos showing how people are using your post-launch product in the real world, providing valuable guidance on what's working and what needs improvement.

22. We already have designs, can you work with those?

Probably, yes. We prefer to follow our own design process if possible, as it allows us to deliver the best quality and consistency, but we can be flexible with this. 

If your designs are strong and we are confident they will be effective, then yes, we will be able to work with them. If, however, they do not meet our high standards, then we will be honest and recommend that we create the designs for you instead.

23. Do I need to worry about the EU's new GDPR rules?

Almost certainly. The GDPR regulations will affect your business if you have a website, or store customer data. If you ignore the new rules then you may be liable for fines of up to 4% of your revenue, or €20 million, so you don't want to get this one wrong.

We appreciate this is a complex topic, so, if you want to know more, we have written an article all about how to prepare for GDPR that's full of actionable tips.

24. Can you provide hosting for our website or app?


If you have a site or app with small resource requirements, then we can host your project on our managed servers. If you have specific hosting requirements, intensive resource demands, or require something more specialist, then we can set you up with your own dedicated, cloud, or load balanced hosting environment. 

For example, if you need to handle high volumes of processing and traffic globally then we may opt for a bespoke multi-server hosting setup using Amazon’s EC2, Cloud Front, Elastic Load Balancer and S3 storage facilities.

Should you be unsure of what you require, one option is to start with a simple hosting package first, and then move to a more advanced configuration if your needs grow.

25. How do you manage backups?

Our standard servers are backed up every day, both on site via bare-metal backups in the event of a complete server failure, as well as in a secure redundant off-site location within the UK. This provides multiple layers of backup redundancy, allowing data to be recovered quickly and completely.

Should you need data backups by-the-minute then we can configure a bespoke setup for you based on the granularity that you require.

26. Can you manage our marketing channels for us (Social media, Adwords, email, etc)?

We naturally provide a degree of strategic support around your business and marketing plans based on our experience as part of every project, and we can build tools to integrate with your social media or email marketing software. However, we are not an end-to-end marketing agency so don’t write copy or manage your marketing campaigns for you. 

If you need strategic marketing, social or SEO support, then we have some trusted partner companies that we work with on a regular basis that we’d be happy to introduce you to. If you'd like an intro to one of our preferred suppliers, then please feel free to contact us and let us know what you need.

27. How will you project manage my project (AGILE, Waterfall, etc)?

We follow both Waterfall and AGILE practices depending on the process that's best suited to your business and the way you want to work with us. 

Here is how to decide which approach to adopt.

Most clients who come to us with a new project want us to provide a fixed-price quotation to complete an agreed scope of work. It makes sense from a budget perspective, and you need a fixed figure to plan for or sign-off with purchasing. If this represents you, then we will most likely follow a Waterfall approach to project management to deliver the first version of your project. 

A waterfall approach means that a project plan is defined before the project begins (the top of the waterfall), and as the project starts all those defined plans fall into place.

This process is less flexible than an agile approach, which allows big sweeping changes according to business needs, but it means you know exactly what you’re getting, exactly when you’ll get it, and exactly what it will cost.

With AGILE you identify an approximate direction that you want your site or app to go in (product roadmap) but you don’t define it all upfront. Instead, you work in repeated one-month (or less) cycles called a Sprint. At the start of each sprint, you agree the work that will be completed in that period, and how success looks. 

The AGILE process is far more flexible than a waterfall approach: it allows drastic changes to the project according to your business needs and changing requirements but does not have that long-term future prediction that waterfall provides.

Think of it as lots of mini-waterfall projects. Each sprint happens at the end of a short period; you can release new features and versions regularly, and change the plan for what will be developed as your priorities inevitably change. With AGILE, instead of defining a project cost, you define a monthly budget that relates to the amount of development time that you require. 

In summary: Waterfall is less flexible but provides better budget certainty if you know your requirements are unlikely to change over the life of the project. AGILE is more flexible and gives you a process that comfortably allows for regular change as your priorities shift, but also requires a more flexible pay-for-time approach to billing. If you want to launch a project that changes little over time, then Waterfall may be the best approach for you. If you have lots of features you want to add into your project past the launch of version one, then we’d recommend shifting to the AGILE approach with a fixed monthly budget.

28. Do I need to test my app or website?

Yes, we will need your support with testing the project, please. 

We have processes for testing and quality assurance, but the way that we think and use your app, is different to how you will. You defined the project, and you know what you want better than anyone, so you’ll probably use and interact with what we’ve built in ways that we couldn’t have predicted. 

Even if everything works 100% perfectly when we hand it over to you, you will need to check that everything works as expected to sign-off on the work with confidence that we've delivered the project to meet your specification.

Testing and achieving sign-off will require some time investment at the end of a project, and potentially at intervals across the life of the project too – So make sure that you set aside some time in your diary for when it’s needed.

29. What if I want to switch supplier later, or bring development in-house?

We recognise that there are many scenarios where you may grow to a point where you no longer need us. For example, a start-up may not have the experience or funds to employ and put the structures in place that are necessary to run an efficient in-house development team for some time. However, as the business grows, the commercial landscape may also change, and make in-housing the development team a sensible long-term decision.

And, we’re okay with that - In fact, we plan for it.

Our code is built upon popular frameworks used by lots of the best teams in the world. For example, we use the React Framework for many of our projects, the same framework that Facebook is built upon and drives all of their products. Provided they are used correctly, these frameworks provide rules and conventions that give consistency to the work that developers create.

These benefits extend to you too: Should our offices explode, which we sincerely hope that they won’t, then skilled development teams exist in the world that can pick up from where we left off. This significantly reduces project risk for you, offering peace of mind.

We also version-control our code using an industry-standard tool called GIT. Think of it like being able to save your game as you go - at key milestones developers can save their progress and GIT will remember all the file changes that form each save-state.

GIT provides a history of who has worked on what, and when, enabling us to manage the different versions of your application and safely enabling multiple people to work on a project in parallel. Once everyone is complete, we can pull together new code and features in a process called a merge. 

These methods allow our team to work collaboratively with each other and creates a win-win scenario that reduces your business risk too.

30. Do you have a UK team?

Yes. Scorchsoft is not a single developer operating from a back office, neither is it a front company where one person speaks to the client while sending all of the development work to other companies, making huge margins in the process.

We have a UK development team, on UK payroll, with chairs that swivel so that people can turn around and talk to each other in-person. 

We may occasionally use a trusted contracted resource or consultant to support us with non-core functions, such as copywriting, animation and graphic design, but that’s as far as it goes.

We do it this way because we try to create a culture of learning. We want those in our team to continually build their skills by learning from those around them. Deep personal relationships are critical to building a performing team, it’s the reason why when we have our weekly one-to-ones with our team, we like to have them face-to-face.


31. Which content management system will you build my website using?

There is a difference between a website and a web app, so this answer will exclusively talk about website content management. If you want to know how we build apps, then please read our reply to “What programming languages and frameworks do you use”.

We use a lot of different content management systems, and each one has its own set of pros and cons. Our usual go-to's are Yii2, Laravel, NodeJS, MODX and Wordpress, though we’ve also used many more including Drupal, Concrete5, Opencart, and Prestashop. 

There isn’t a one-size-fits-all content management system, as each one satisfies their own niche. But if you have simple requirements, then we will most-likely recommend MODX or Wordpress. 

Sometimes you may have more advanced plans for your website. You may want user login features with a bespoke dashboard, tools to take recurring payments, or want the option to build an app that connects to your website to populate it with data. If you fall into this category, then you should probably consider us building your site using a development framework such as Yii2, Laravel or NodeJS ExpressJS/Sails.

32. How will you handle project payments from us?

For small requests, typically £1,000 - £5000, we will invoice a 50% opening deposit and a final 50% deposit on completion of the work.

For larger scopes of work, we will split the payments over the life of the project at monthly intervals. For example, a £12,000 project over three months would divide into four instalments of £3k (25% each).

Any planning day fees are due in advance of the initial planning day meeting.

We work this way because it supports your cash flow, and means that you don’t have to pay too much money up front in advance of seeing some output from us.

33. Do you have any book recommendations that could help me with my project?

Absolutely! Here is a small selection of our favourites:

The lean start-up

This book isn’t just aimed at start-up entrepreneurs; it also applies to existing businesses launching new products. It covers the most effective way to launch and test a new tech product, helping you to eliminate waste and maximise success.


So you’ve just build your new start up or product now comes the hard part – marketing it to get major traction! Traction shows you how businesses, both new and old, have identified and exploited one or more of the 19 marketing channels that exist to achieve explosive growth.

The start-up funding book

If you’re a startup in the UK wondering how you may self-fund your venture, then this book is for you. It covers all sorts of finance options from loans to accelerator programs, Angel and equity investors.

34. I have a question that isn’t listed here

Please, let us hear it!

Ask Scorchsoft a question >

35. What next?

You’re here because you have an idea or a fundamental business problem that you’re trying to solve. If you want to find out more about us then you can check out our capabilities page or explore our case studies.

If you want even more information then it’s probably a good sign that it’s time to speak to us. You can start right now by telling us what you need via our contact form, or give us a call on 0121 7240447.

We reply to email enquiries within one working day.

Get a free quote >

Get a free quote