Web from £295/mo · Email from £195/mo + seats · EU-sovereign · Cancel any time

Sovereign email infrastructure

Encrypted email your regulator can read.

Managed mailboxes, DMARC posture, deliverability reporting and a compliance evidence pack — on EU-sovereign foundations, with Jordan named as the technical contact on every contract. Two public tiers: Practice for a single-domain UK regulated firm, Enterprise for a multi-jurisdictional group.

Practice

Compliant encrypted email for a single regulated practice

£195 / mo base + £15/seat/mo

Annual base £1,872 (£156/mo equiv, save 20%) · seats remain pass-through.

£395 one-time — covers DNS audit, migration runbook, scheduled out-of-hours cutover for up to 15 mailboxes, 14-day dual-delivery monitoring, MFA rollout session, and an offboarding kit.

Compliant, encrypted email infrastructure for a single regulated UK practice on one domain.

Best for: Single-site UK regulated practice, 5-15 staff, one apex domain.

  • EU-sovereign
  • Up to 15 mailboxes
  • DMARC p=reject within 30d

Included

  • DNS config of 1 apex domain (SPF hardfail -all, DKIM 2048-bit annual rotation, DMARC p=quarantine → p=reject within 30 days, MTA-STS, TLS-RPT)
  • Up to 15 EU-sovereign real mailboxes on Proton Mail Business (full IMAP/SMTP, calendar, contacts, 30-day deleted-item recovery)
  • Migration from incumbent (M365 / Workspace / GoDaddy / cPanel) including content, calendars, contacts, distribution lists
  • Monthly deliverability report (DMARC aggregate parsed, top sending sources, spam-folder rate)
  • Quarterly compliance evidence pack tailored to one regulator (DCB1596 for healthcare / SRA's encrypted-transmission requirement for law / ICAEW client-data guidance for accountancy)
  • Cloudflare Email Routing for unlimited additional aliases
  • MFA enforcement + password policy baseline
  • Encrypted attachment delivery flow
  • Same-business-day SLA on email incidents
  • Annual DKIM key rotation + MTA-STS refresh + TLS verification + DNSSEC verification
  • Offboarding-on-cancellation kit (mbox/EML exports, DNS zone file, DMARC archive, evidence pack)

Explicitly excluded

  • DMARC on multiple sending subdomains (Sovereign-bundle uplift)
  • Dedicated transactional outbound subdomain or warm-up campaign
  • BIMI / VMC issuance
  • Fractional CTO time / architecture review
  • Clinical-software SMTP integration
  • Phishing simulation programme
  • Mailbox content recovery beyond 30 days
  • Additional domains

Upgrade trigger: Seats cross 15 OR a 2nd domain enters scope OR practice starts sending automated transactional email OR DMARC needs reconciliation across shadow senders → Sovereign-bundle uplift (+£100/mo). Any of those + multi-regulator burden + >30 seats → Enterprise.

Enterprise

Multi-jurisdictional regulated email infrastructure

£895 / mo base + £15/seat/mo

Annual base £8,592 (£716/mo equiv, save 20%) · seats remain pass-through.

£4,500 one-time — 60-90 day migration project for up to 40 seats, DMARC ramp from p=none → p=quarantine → p=reject with weekly aggregate review.

Multi-jurisdictional regulated email infrastructure with named operator accountability.

Best for: Operations Director at a 30-100+ staff regulated multi-site practice.

  • Multi-jurisdictional
  • Multi-subdomain DMARC p=reject
  • BIMI / VMC optional

Included

  • DMARC at p=reject across all sending subdomains
  • Dedicated outbound subdomain architecture (mail.firm.co.uk / txn.firm.co.uk / partners.firm.co.uk)
  • Multi-jurisdiction mailbox hosting (Proton EU-sovereign for partner/FCA/Caldicott + M365 hybrid for client-facing mailboxes)
  • Quarterly Compliance Posture Pack (signed PDF mapping email infra against applicable regulators)
  • Monthly DMARC + deliverability review call (45-60min with compliance officer)
  • 4-hour SLA on email-spoofing reports / deliverability incidents
  • Annual DKIM rotation + TLS posture review
  • BIMI + VMC/CMC standup if elected
  • Self-hosted Listmonk for partner / client-marketing newsletters
  • Sub-processor register maintained
  • Staged migration from incumbent stack
  • Secure-email portal integration (Egress / Galaxkey / Microsoft Purview Message Encryption)
  • Annual phishing-simulation campaign
  • Named contact in client's regulator-facing artefacts (ICO record-of-processing, SRA Lexcel, ICAEW evidence)

Explicitly excluded

  • Day-to-day non-email IT support
  • End-user mailbox training
  • SaaS practice-software integration debugging beyond SMTP relay
  • Litigation hold / e-discovery / expert-witness
  • Drafting substantive regulatory policies
  • Custom software dev
  • >2 outbound broadcasts/mo via Listmonk
  • On-premises Exchange / hybrid AD

Upgrade trigger: TOP of the email ladder (Sovereign uplift is implicit at this scale). Beyond this the conversation is Embedded web + Enterprise email as a bundle.

Provider strategy

The stack behind the tier.

Practice tier (default): mailboxes on Proton Mail Business — EU-sovereign, end-to-end encrypted, full IMAP/SMTP, calendar and contacts. Cloudflare Email Routing handles unlimited aliases that forward to the real mailboxes. DNS posture — SPF hardfail, DKIM 2048-bit with annual rotation, DMARC ramped to p=reject within 30 days, MTA-STS and TLS-RPT on the apex.

Practice fallback: where Proton isn't a fit (legacy Outlook plugins, specific accreditation requirements), we fall back to Tuta Mail or Migadu — both EU-sovereign — at the same seat economics.

Enterprise tier (hybrid): Proton Business EU-sovereign for partner mailboxes, FCA-touch mailboxes, Caldicott-guardian mailboxes — the seats where sovereignty actually matters. Microsoft 365 selectively for client-facing mailboxes where the Outlook ecosystem is a hard requirement. Both billed at cost on the same invoice. Dedicated outbound subdomain architecture (mail.firm.co.uk / txn.firm.co.uk / partners.firm.co.uk) so DMARC reconciliation isn't fighting your transactional senders.

Sovereign (internal uplift, not public): if your Practice tier needs to span 2-5 domains or reconcile shadow-senders, it becomes Sovereign-equipped via a £100/mo uplift — quoted by Jordan when needed, never sold cold from a menu.

Migration project

What the setup fee actually covers.

Practice migration

£395 one-time

  • DNS audit — incoming SPF/DKIM/DMARC state captured
  • Migration runbook scheduled out-of-hours for up to 15 mailboxes
  • Content, calendars, contacts, distribution lists carried over
  • 14-day dual-delivery monitoring (catches retry failures)
  • MFA rollout session with the practice manager
  • Offboarding kit document handed over on day one (mbox/EML export route, DNS zone file location, evidence pack scope)

Enterprise migration

£4,500 one-time

  • 60-90 day migration project for up to 40 seats
  • Multi-jurisdiction routing design (which seats go EU-sovereign vs M365 hybrid)
  • Dedicated outbound subdomain architecture stood up
  • DMARC ramp p=none → p=quarantine → p=reject with weekly aggregate review
  • BIMI + VMC/CMC standup if elected (logo on mail clients)
  • Secure-email portal integration (Egress / Galaxkey / Microsoft Purview Message Encryption)
  • Sub-processor register populated and handed to compliance officer

Questions about email

The things compliance officers ask first.

What if I want to cancel?

Cancel any time — one-click from your Stripe email. The subscription ends at the end of the month you've already paid for. Within the first 14 days you have a full statutory cancellation right under the Consumer Contracts Regulations 2013. Source code lives in a repo you're a collaborator on from day one — cancellation means I step out of the collaborator role and you keep everything. Email-tier cancellation also returns an offboarding kit (mbox/EML exports, DNS zone file, DMARC archive, evidence pack). See /refund for the precise framing.

Do I need a domain?

If you have one, I take custody of it (DNS changes ≤1 business day on every tier). If not, I'll register one in your name with Cloudflare Registrar (or your preferred registrar). The ~£10/year renewal is paid by you directly to the registrar — no markup, and I prompt you at renewal so it never lapses.

Can I pay annually for a discount?

Yes — 20% off on every recurring product on annual prepay. Lite £2,832/yr (£236/mo equiv), Maintained £4,752/yr (£396/mo equiv), Growth £14,352/yr (£1,196/mo equiv), Embedded £57,600/yr (£4,800/mo equiv — and the £3,000 onboarding fee is waived). On email: Practice £1,872/yr (£156/mo equiv) + seats, Enterprise £8,592/yr (£716/mo equiv) + seats. Cancellation rights are identical — 14-day statutory refund under the Consumer Contracts Regulations 2013; after that, annual prepay isn't refunded pro-rata but you keep the service until renewal.

What is the Sovereign email tier?

Sovereign is an internal multi-domain attachment, not a public SKU. If you grow past 1 domain or add shadow-senders, your existing Practice tier becomes Sovereign-equipped via a £100/mo uplift, quoted by Jordan when needed. You don't pick it cold from a menu.

Do I need both web and email tiers?

No. Most clients pick one. Bundle pricing gives 10% off the email base when paired with a same-band web tier, but standalone is fine — buy a web tier without email, or run a Practice email subscription on a site I don't maintain. The ladders are deliberately independent.
