• Name of Product/Version: Noodle / 7.08.11
  • Report Date: 2020-08-10
  • Product Description: Intranet Software
  • Automated Testing.
  • Contact Information:

Level A


Conformance Level 

Remarks and Explanations

1.1.1 Non-text Content (Level A)


All buttons have descriptive title attributes or text content

1.2.1 Audio-only and Video-only (Prerecorded) (Level A)

SupportsNotifications use Operating System visual alters to complement audio alters. Audio alerts can be disabled.

1.2.2 Captions (Prerecorded) (Level A)

Not ApplicableNo audio/video content is included, users are responsible for making their own content compliant. Means are available for pre-recorded and live descriptions, subtitles, and sign language content.

1.2.3 Audio Description or Media Alternative (Prerecorded) (Level A)

Not Applicable"

1.3.1 Info and Relationships (Level A)

SupportsWith multiple text application views, and APIs data relationships are programmatically determinable.

1.3.2 Meaningful Sequence (Level A)


1.3.3 Sensory Characteristics  (Level A)

SupportsSee 1.1.1 Remarks.

1.4.1 Use of Color (Level A)

SupportsThe default style sheet is high contrast. Color indicators are accompanied by icons and text. Color indicators can be disabled. User created content has automatic contrast assist (posters). Maximum contrast styles can be achieved with custom style sheets or options.

1.4.2 Audio Control (Level A)

SupportsAudio alerts can be disabled. User uploaded media has default controls including volume. (As of 2020 individual web-cam/screen-share volume is supported in Chrome not Firefox)

2.1.1 Keyboard (Level A)

SupportsAll actions are achievable with [shift]tab,space,return.

2.1.2 No Keyboard Trap (Level A)

SupportsNo Keyboard Traps are present.

2.1.4 Character Key Shortcuts (Level A 2.1 only)


No Key Shortcuts are defined. Default shortcuts (copy/paste) are not disabled.

2.2.1 Timing Adjustable (Level A)

SupportsLogin session time limit can be changed and disabled. TOTP has a fixed limit but is optional.

2.2.2 Pause, Stop, Hide (Level A)

SupportsThere is no moving, scrolling information. Blinking, and auto-updating information can be stopped and scrolled respectively, and is only used where necessary in optional live feeds.

2.3.1 Three Flashes or Below Threshold (Level A)

SupportsTitle bar notification flash can be disabled and updates every 1/2 a second when enabled.

2.4.1 Bypass Blocks (Level A)

SupportsContent Blocks are not repeated.

2.4.2 Page Titled (Level A)

SupportsMeaningful Titles are displayed

2.4.3 Focus Order (Level A)

Supportsnavigation sequences does not affect meaning.

2.4.4 Link Purpose (In Context) (Level A)

SupportsLink purpose can be equally determined from context programmatically and generally.

2.5.1 Pointer Gestures (Level A 2.1 only)


Multi-point and path-based gestures have alternatives (portlet order via drag and admin down button, zoom via pinch and tap and click). All can be disabled.

2.5.2 Pointer Cancellation (Level A 2.1 only)


All persistent actions have an Abort option and or undo action.All actions that use a down event by requirement (drag and drop) have alternatives (order and upload buttons).

2.5.3 Label in Name (Level A 2.1 only)


All user interface components contain text by which software can identify it to the user.

2.5.4 Motion Actuation (Level A 2.1 only)


See 2.5.1 Remarks.

3.1.1 Language of Page (Level A)

SupportsThe lang attribute is used on all pages.

3.2.1 On Focus (Level A)

SupportsFocus has no context change (Notifications can be suppressed on focus)

3.2.2 On Input (Level A)

SupportsSetting changes (without submit button use ) will not change context.

3.3.1 Error Identification (Level A)

SupportsOn input error detection, a text description is shown and where convenient the input focused

3.3.2 Labels or Instructions (Level A)

SupportsLabels or instructions are provided for user input, and also for user generated user input.

4.1.1 Parsing (Level A)

Supportsmarkup conforms to specification.

4.1.2 Name, Role, Value (Level A)


Level AA


Conformance Level 

Remarks and Explanations

1.2.4 Captions (Live) (Level AA)

Not ApplicableSee 1.2.2 Remarks.

1.2.5 Audio Description (Prerecorded) (Level AA)

Not Applicable"

1.3.4 Orientation (Level AA 2.1 only)


Content flows, with minimal fixed width components.

1.3.5 Identify Input Purpose (Level AA 2.1 only)


programmatic Identification of Input Purpose can be achieved with placeholders, names, and previous elements.

1.4.3 Contrast (Minimum) (Level AA)

SupportsSee 1.4.1 Remarks.

1.4.4 Resize text (Level AA)

Supports300% text size is supported on 4k screens, mobile UI uses large text by default.

1.4.5 Images of Text (Level AA)

SupportsNo images of text are used.

1.4.10 Reflow (Level AA 2.1 only)


320 pixel width is supported via the mobile and top-navigation interfaces.

1.4.11 Non-text Contrast (Level AA 2.1 only)


See 1.4.1 Remarks.

1.4.12 Text Spacing (Level AA 2.1 only)


2x default text spacing is supported via zoom, custom CSS, or plugins.

1.4.13 Content on Hover or Focus (Level AA 2.1 only)


Custom tooltips are inlined when no pointer is detected or by option. selection and focus are supported. q will dismiss.

2.4.5 Multiple Ways (Level AA)

SupportsWith multiple application views, content views, and navigation options, in addition to quick links, external links, and custom user links Multiple Ways are supported.

2.4.6 Headings and Labels (Level AA)

SupportsStandardized Headings and Labels are used to make page purpose intuitive and programmatically identifiable.

2.4.7 Focus Visible (Level AA)

SupportsKeyboard focus is visible and adjustable with custom CSS (a:focus-visible,input:focus-visible{border:solid 5px red})

3.1.2 Language of Parts (Level AA)

SupportsPart language can differ from page language only via user input and that accepts tagging for programmatic use for the body of the content. the language of user input titles does not support direct language tags for programmatic use. A custom script can be used to tag persistent multi language features if required.

3.2.3 Consistent Navigation (Level AA)

SupportsNavigation including order is persistent (and can be customized to sort alphabetically, by date, or in a custom order)

3.2.4 Consistent Identification (Level AA)

SupportsButtons/Links of different types are identifiable by class (navigation vs persistent action)

3.3.3 Error Suggestion (Level AA)

SupportsError Suggestions are avoided by limiting input to begin with (entering text in a numeric, invalid dates, etc)

3.3.4 Error Prevention (Legal, Financial, Data) (Level AA)

SupportsLegal and Financial Data are not used, but input is reviewable, and reversible. (instant messenger can be disabled to support only reversible content), input validation is performed before submission when supported. trash/recycle bin, and remove/purge of content is confirmed.

4.1.3 Status Messages (Level AA 2.1 only)

SupportsStatus messages can be identified by class.

Level AAA


Conformance Level 

Remarks and Explanations

1.2.6 Sign Language (Prerecorded) (Level AAA)

Not ApplicableSee 1.2.2 Remarks.

1.2.7 Extended Audio Description (Prerecorded) (Level AAA)

Not Applicable"

1.2.8 Media Alternative (Prerecorded) (Level AAA)

Not Applicable"

1.2.9 Audio-only (Live) (Level AAA)

Not Applicable"

1.3.6 Identify Purpose (Level AAA 2.1 only)

SupportsUser Interface Components can be programmatically determined via attribute naming conventions.

1.4.6 Contrast (Enhanced)  (Level AAA)

SupportsSee 1.4.1 Remarks.

1.4.7 Low or No Background Audio (Level AAA)

SupportsSee 1.4.2 Remarks.

1.4.8 Visual Presentation (Level AAA)

Partially SupportsColors are user select-able. Width can be under 80 characters with the mobile view. The justify text alignment is not used. Line and paragraph spacing are default and adjustable. Text can be resized without assistive technology up to 200 percent in a way that does not require the user to scroll horizontally to read a line of text on supported screen sizes. Large Workflows on small monitors may require horizontal scrolling.

1.4.9 Images of Text (No Exception) (Level AAA)

SupportsNo images of text are used. Users are responsible for their own content selection and alternatives.

2.1.3 Keyboard (No Exception) (Level AAA)

SupportsNo timeouts on input are not imposed without customization.

2.2.3 No Timing (Level AAA)

SupportsSee 2.2.1 Remarks.

2.2.4 Interruptions (Level AAA)

SupportsInterruptions can be postponed or suppressed by the user (login obviously excepted).

2.2.5 Re-authenticating (Level AAA)

SupportsDocument editing is auto saved every keystroke to Web Browser Storage, and users are prompted to recover for convenience.

2.2.6 Timeouts (Level AAA 2.1 only)


2.3.2 Three Flashes (Level AAA)

SupportsSee 2.3.1 Remarks.

2.3.3 Animation from Interactions (Level AAA 2.1 only)

Supportsprefers-reduced-motion is respected.

2.4.8 Location (Level AAA)

Supportsbreadcrumb trails are provided.

2.4.9 Link Purpose (Link Only) (Level AAA)

SupportsSee 1.3.6 Remarks.

2.4.10 Section Headings (Level AAA)


2.5.5 Target Size (Level AAA 2.1 only)

SupportsTarget size is increased automatically when lower accuracy input is detected. Can also be forced/customized

2.5.6 Concurrent Input Mechanisms (Level AAA 2.1 only)

Supportsmultiple concurrent input types are supported.

3.1.3 Unusual Words (Level AAA)

SupportsVia select > right click > search web for. Abbreviations, idioms, and jargon are avoided.

3.1.4 Abbreviations (Level AAA)


3.1.5 Reading Level (Level AAA)

SupportsCommon words are used where long explanations of technical terms would not be required

3.1.6 Pronunciation (Level AAA)

SupportsSee 1.3.1 Remarks.

3.2.5 Change on Request (Level AAA)

SupportsSee 2.2.1 Remarks.

3.3.5 Help (Level AAA)

Partially SupportsThere are select help icons and paragraphs in some contexts for clarity.

3.3.6 Error Prevention (All) (Level AAA)

SupportsSee 3.3.4 Remarks.

GDPR checklist;


  • We hold payment information optionally provided by clients, and share it with no one. we use it to charge for our software service.
  • We hold at least one pice of contact information to update payment information.
  • Data is stored on our accounting computer
  • This is our publicly accessible policy
  • We have a DPO
  • Our staff and management is aware of this document
  • We use modern and up to date security.
  • We appoint clients as their own representatives in the EU
  • If ever we become aware of a personal data breach our customers and local authorities will be made aware.
  • customers can verify and update information by simply asking.
  • We review this policy annually or as required.
  • We understand when DPIA is required


  • Data is stored-in / removed-from a location of the clients request.

When something unexpected happens Noodle will ask you what you were doing and email a stack trace to Vialect. Bug reports may also be sent to Please use for any other inquiries.

Please provide the following to help us reproduce and correct issues faster:

  • Minimal steps to reproduce the issue from scratch. Possibly relevant details:
    • The URL
    • The version of Noodle
    • The version of Web Browser
    • The version of Operating System
    • A username and password
    • An ordered list of buttons/links clicked
    • Sample file/data
  • Expected behavior, possible details:
    • 720p mockup of desired appearance with min and max sample data.
  • Actual behavior, possible details:
    • A full resolution screen shot including address and scroll bars
    • Web Browser console output
    • Web Browser network log (HAR)
    • The source of any warning pages (wrong format, missing parameter)
    • The source of any email
    • A zip of the Noodle/log folder
  • Observe email educate
    • A short descriptive email subject
    • Reply to the email thread only for the same issue
    • Don't make new threads for the same issue.
    • Avoid requesting thread history review.
    • Do not place legal or print notes in signatures or otherwise bloat them.
    • Use text in favor of images
    • Use attachments not overlays/embeds of images or text
    • Be concise.

Leaving out information leads to Vialect spending less time creating solutions and more time attempting to reproduce issues and linking to this page.

Answers to Frequently asked questions:

  • The support included in your Noodle subscription includes phone, email, and remote assistance for system administration, application usage, and troubleshooting.
  • Customization can normally be accomplished through the user interface which we help with by providing example scripts. Feature requests beyond customization cost extra valued on a per requirement basis.

Ask us more.

Information about our hosted security:

  • Rackspace standards, and certifications.
  • Amazon standards, and certifications.
  • Your data is not shared with anyone, and is only viewed by Vialect on your request.
  • Backups are taken daily for one day, and monthly for 3 years, encrypted, and stored in multiple cities. Optimal space conservation is used in favor of optimal recovery time.
  • Only the strong password protected ssh key of our security manager has full assess to hosted environments.
  • Stable Linux branches are used and security updates are evaluated or applied daily.
  • Data sovereignty; People who want to avoid government oversight should encrypt a local install and host the data with a less intrusive government.
  • Clients will be notified within a day if our Intrusion detection systems ever detect a security breach.
  • Application Security
  • regulation compliance

Please read this overview for a summary of applicable regulations.

    • ISO 27001
      • Compliant, not certified.
    • HIPAA
      • Not applicable as we do not store client health data.
      • Employees are covered by OHIP which exceeds USA standards.
    • Data Protection Directive / GDPR
      • Client implementation / usage dictates compliance.
      • Compliant by clients opting to represent Vialect in the EU.
    • C-28
      • Automated Noodle emails contain a one click unsubscribe link
    • PCI DSS
      • A local install is required to comply.
    • SOC 2
      • Compliant, not certified.

Please contact us if you have specific questions about regulation compliance.

Information about Vialect Administrative security:

  • Staff workstations use annual fresh installs of OS X to avoid most malware.
  • Payment information is transmitted and stored offline.
  • Only Senior staff have access to sensitive information.

Public network application security options:

  • SSL (prevent passwords collection from public wifi)
  • White list (prevent application inspection from known hostile networks)
  • "Session Security Level" to 4 (prevent session hijacking)
  • "Minimum password length" to 8 (make password guessing harder)
  • Auto blacklisting block IPs that use the wrong password to often (defaults to 20 per minute)
  • 2 factor authentication
  • Authentication keys for RSS, and Calendar subscriptions.
  • Injection detection
  • Analytics
  • Active Directory Authentication

LAN security options for the server:

  • Whole disk encryption (prevents bypassing security by reading the disk with another computer).
  • Dedicated server (reduces exploitable surface area).
  • Automated Linux updates
  • Firewall blocking all but ssh and the Noodle http[s] ports (reduces exploitable surface area).
  • ssh keys (prevents password guessing on ssh).

LAN security options on a network, listed from most to least secure:

  1. Network not (even indirectly) connected to the internet.
  2. Network with only auto upgraded devices only indirectly connected to the internet:
    • Encrypted VPN or better yet a ssh tunnel (use with keys will prevent MITMA from a spoofed wifi or an untrusted ISP or government).
    • Anonymity networks like tor can be used, optionally with ssl or ssh (in practice will prevent anyone, including governments, from knowing what server a user is talking to).
  3. Network only indirectly connected to the internet.
  4. Public network with a firewall or NAT port forwarding blocking all but one port.
  5. Public network.