Vol. 01 · No. 001
Spring 2026
For UK charities & care providers

WhatsApp, on the record.

Give your staff, volunteers and families a WhatsApp channel you actually own and govern. Same app they already use, on a number that belongs to your charity, with every message on the record.

Request a demo → See pricing
Built on the WhatsApp Business API UK data residency Disclosed, never covert You own the number
The conversation we keep avoiding

Your charity is already having the conversations. None of them are governed.

WhatsApp lives in your care homes, your frontline teams, your fundraising chats, your trustee threads. Your DPO knows. Your IT director has tried to stop it. They cannot. The conversations happen anyway, just outside everything you bought to keep your organisation safe.

Then a group is infiltrated. A relative makes a Subject Access Request. A safeguarding incident needs evidence. A trustee asks the obvious question, and the only honest answer is "we don't know."

You can spend another year fighting the culture. Or you can govern the channel your people refuse to give up.

Most
frontline care and support staff already use personal WhatsApp for work conversations
Zero
of those conversations are captured, retained, or answerable when a regulator or relative asks
Days
of manual effort to answer a single Subject Access Request that touches messaging apps
Figures illustrative. Swap for your own sector data before publishing.
A different posture

Don't fight WhatsApp. Govern it. Move the conversations onto a channel you own, where every message is on the record.

— The principle behind every feature we ship
How it works

Four steps. Then it just runs.

STEP 01

Stand up a governed channel

Governed WhatsApp groups run on a Business API number your charity owns. The same number keeps normal one-to-one staff chats via WhatsApp Coexistence.

STEP 02

Bring your people across

Staff, volunteers and families join the governed group by invite link. Membership is controlled by API: one-click onboarding, instant removal when someone leaves.

STEP 03

Every message captured

Each message flows through the Business API into your UK-hosted, tamper-evident archive in real time. Disclosed to members, never covert.

STEP 04

Search, hold, answer

Subject Access Requests, safeguarding evidence, retention and litigation holds. All answered from one console, in hours not weeks.

What's in the box

Built for the people who have to answer for it.

001 · Channel

Governed groups on a number you own

Groups run on your charity's WhatsApp Business API number, not a volunteer's personal phone. The channel belongs to the organisation and survives staff churn.

002 · Membership

One-click onboarding and offboarding

Add and remove members by API. When a volunteer or staff member leaves, they are out of every governed group instantly. No more "who still has access to that chat".

003 · Archive

UK-hosted tamper-evident archive

Every message captured through the Business API into a UK-region store, fully indexed and retained to policy. Exportable to your compliance stack for eDiscovery.

004 · Respond

Subject Access Request tooling

Search by data subject across every governed channel. Redact, package, deliver. An ICO-aligned SAR workflow built for charity DPOs.

005 · Preserve

Retention & litigation hold

Apply retention rules per channel. Legal-hold flags survive deletion attempts, giving you a trustee-ready evidence trail for safeguarding and disputes.

006 · Protect

Customer-managed keys

Bring your own encryption keys via Azure Key Vault or AWS KMS. Revoke the key and the archived data is cryptographically destroyed. You stay in control.

Pricing

Pricing built for charities. No mystery line items.

Every number here is the number you pay. No obscure platform fees, no inflated seat counts, no setup hidden in the small print. You pay for staff seats; everyone you serve joins free. Annual billing includes a month free, and onboarding is on us.

The fair bit
You only ever pay for staff seats. Volunteers, families and the people you support join governed groups free, always.
No per-message fees. No per-participant creep. Widening who you include never widens the bill.
Tier 01 Foundation
Foundation
A single care home, centre or small charity
£199 / month
Billed annually · £1,990 / yr
  • Up to 40 staff seats
  • Unlimited volunteers, families & residents
  • Up to 15 governed groups
  • UK-hosted archive, audit logs & retention
  • 2 Subject Access Requests / year included
  • Onboarding & group migration included
  • Email support, 48-hour response
Start with Foundation
Tier 02 Most chosen
Governance
Growing, multi-site charities
£599 / month
Billed annually · £5,990 / yr
  • Up to 250 staff seats
  • Unlimited volunteers, families & residents
  • Unlimited governed groups
  • Compliance-stack export for eDiscovery
  • 15 Subject Access Requests / year included
  • Customer-managed encryption keys
  • Quarterly compliance reports
  • Phone support, next-day response
Choose Governance
Tier 03 Enterprise
Enterprise
Large, multi-site care charities
£1,250 / month from
From £15,000 / yr · custom
  • Unlimited staff seats & groups
  • Unlimited volunteers, families & residents
  • Unlimited Subject Access Requests
  • Litigation hold & advanced retention
  • Customer-managed keys & data-residency controls
  • Bespoke integrations (care management, HR, M365)
  • Named success lead & SLA with credits
  • Onboarding & migration across every site included
Talk to us
Setup & onboarding Included on every annual plan. We handle the WhatsApp Business API setup and migrate your existing groups across. No separate fee, ever.
If you need more Extra Subject Access Requests beyond your allowance are £150 each, unlimited on Enterprise. Optional training is £500 per half-day.
Founding partners Our first charities get 50% off for two years, pricing locked for life, and a direct line into the roadmap, in exchange for a reference and case study. We build this with you, not at you.
Security & data protection

Built the way a charity DPO would design it.

We operate to the standards your trustees expect, and a few they don't yet ask about. Every claim on this page is independently auditable.

01 · Standards

Designed to ISO 27001

Information security mapped to ISO 27001:2022 controls from day one. Independent certification on the roadmap.

02 · Government

Cyber Essentials path

Targeting certification under the UK NCSC scheme. Increasingly expected by funders and public sector partners.

03 · Residency

UK data residency

All data stored in UK-region Azure or AWS. No transfers outside UK or EEA without explicit customer opt-in.

04 · Keys

Customer-managed keys

Hold your own encryption keys via Azure Key Vault or AWS KMS. Revocation cryptographically destroys your data.

05 · Privacy

GDPR by design

DPIA templates, Article 30 records, lawful basis register. Built in, not bolted on.

06 · Transparency

Disclosed capture only

No covert monitoring. Members are in a charity-owned group and told it is governed. Lawful and ethical by default.

Frequently asked

Questions worth asking.

Yes. Governed groups run on the official WhatsApp Business API through a Meta-approved Business Solution Provider, on a number your charity controls. Members are in a group your organisation owns and are told it is governed. That is fully within WhatsApp's terms and meets GDPR transparency requirements. We do not tap, scrape, or covertly join anyone's existing personal groups, which is neither possible through the API nor permitted.
In a governed group, your charity's Business API endpoint is a legitimate participant, so messages are delivered to it through Meta's official API rather than intercepted off anyone's device. From there we re-encrypt content at rest using customer-managed keys. We do not run a modified WhatsApp client and we do not claim "zero knowledge", because governance and zero knowledge are mutually exclusive. Any vendor promising both is misrepresenting how this works.
Yes, and we provide the templates. Transparency is a GDPR requirement and an ethical one. We supply notification copy for staff, for relatives joining governed groups, and for your trustee board. In practice, almost everyone is reassured rather than alarmed.
We onboard you to the WhatsApp Business API through an approved Business Solution Provider, on a verified business number you own. You retain the API account and all conversation data. We can run the onboarding for you (one-off setup fee) or work alongside your existing BSP. Because the traffic is internal coordination rather than marketing, your Meta messaging fees typically sit in WhatsApp's free tier.
No, and any tool that claims to is either misleading you or breaking WhatsApp's terms. The API can only govern groups created on your business number, so the model is to migrate activity into governed groups going forward and make that the way your charity uses WhatsApp. We give you the rollout plan, the member invites, and the staff and trustee policy templates to make the switch stick.
That is a policy and culture problem, and we treat it as one. Governed groups become the only approved channel, backed by a safeguarding-grounded policy your trustees can stand behind. On charity-issued devices, mobile device management can enforce it. The lever is making the governed channel the easy, expected default, not pretending we can secretly read private phones.
Yes. Anywhere WhatsApp has become operationally important, governance becomes operationally important. Fundraising teams, volunteer coordinators, safeguarding leads and trustee chats are all in scope. Pricing is by staff seat and participants are always free, so widening the use case never widens the bill.
Founding customer programme open

Govern the chats that already happen.

A 30-minute call with our team. We'll show you the product, talk through your specific risk picture, and tell you honestly whether we're a fit.

Request a demo → See pricing again