Consumer messengers
- ✓ End-to-end encrypted
- ✗ Compliance-ready
Generally strong on privacy. Typically not built around admin retention, legal hold, scoped discovery, or organisation-wide audit controls.
End-to-end encrypted messaging, calls and meetings — with the retention, legal hold and discovery controls a regulated firm actually needs.
🔒 demo.chattriix.com · 30-minute sandboxConsumer messengers and personal email are routinely raised by UK regulators as an area to monitor in firms handling sensitive information.
They typically offer no admin-controlled retention, no legal hold, and no scoped discovery export — controls many regulated firms are expected to operate.
Conversations are generally accessible to the operator as part of normal service operation, and may be subject to lawful-access requests under their home jurisdiction's legal framework.
Client confidences, patient data, deal-stage information, donor records, supplier IP — moving through general-purpose channels expands exposure where the records matter most.
Generally strong on privacy. Typically not built around admin retention, legal hold, scoped discovery, or organisation-wide audit controls.
Compliance feature sets exist, but conversations are generally readable by the operator and subject to the operator's home-jurisdiction legal process.
End-to-end encryption AND admin compliance controls, in one product. UK-incorporated. UK / EU data residency. Self-host where required.
Built around the compliance controls regulators actually require — retention, legal hold, discovery, audit, single sign-on — without breaking the privacy guarantee. Designed for the firms that get audited.
Message content is encrypted on the sending device and decrypted only on the receiving device. The payload we route is opaque ciphertext.
Retention floors and ceilings, legal hold, scoped discovery export, tamper-evident administrator audit log — designed to support regulated-firm obligations.
A UK-incorporated company, with primary infrastructure in the UK / EU region. Self-hosting available where required.
No advertising business. No data mining of message content. No training third-party models on what you say. Revenue comes from licence fees.
SRA outcomes-focused.
Retained comms, audit trail.
AML-friendly retention.
Patient-confidential by design.
Sovereign deployment ready.
UK / EU residency, GDPR-aligned.
Safeguarding-grade retention.
Defensible tenant records.
Every message, call, photo and file is encrypted on your device before it leaves it.
Our servers route what you sent to where it needs to go. We can't read what we're carrying.
The recipient's device decrypts the payload locally. Plaintext exists only on the endpoints.
"The message content stays on the endpoints. We carry ciphertext." Designed without backdoors, key escrow, or operator-held master keys.
Conversations are readable on your device and the recipient's. Not in transit. Not at rest. Not by us.
Messages, calls, voice notes, photos, videos, files — all encrypted on-device.
Mesh group calls, screen-share, network-quality indicators, hand-raise, reactions.
Mentions, replies, edits, reactions, forwarding with attribution, pinned messages.
Phone, tablet, laptop — each device has its own keys. Add or remove without compromise.
Cross-thread and within-conversation. The index lives on your device, not on our servers.
Out-of-band safety numbers. Optional org-admin attestation for "verified by your organisation".
Encrypted media. Two-side recording consent. Password-protected, expiring share links.
Face ID, Touch ID, fingerprint — separate from your device unlock.
@mentions, threaded replies, reactions, pinned messages — under one E2E envelope, with retention and legal-hold built in.
Org-wide floor and ceiling. Department-specific overrides. Keep Legal's records for seven years while Engineering auto-purges at ninety days.
One click freezes a user's communications from auto-deletion, indefinitely, with an immutable audit trail. Held users keep messaging — transparently.
Scoped by custodian, date, conversation, team or department. Encrypted to a key your compliance officer holds — not us. We stay zero-knowledge.
Every administrator action — config change, policy update, legal hold, discovery export — appended to a chained log that surfaces tampering on inspection.
Daily encrypted backups with nightly restore-verification drill. Documented DR procedure with stated RTO and RPO. The boring stuff, actually done.
Plug into the identity provider your organisation already runs. Automated provisioning and de-provisioning as people join and leave.
Opt-in journalling. The key to read the archive sits with your compliance officer. We literally cannot.
Invite a client or vendor to ONE secure thread for a specific matter.
For longer engagements where one thread isn't enough — contracted experts, partner-firm staff, seconded advisers.
Safety numbers verify identity out-of-band. Org admins sign their staff's keys — so a green "Verified" badge actually means something.
Encrypted on your device before it leaves; decrypted only on the recipient's device. Opaque to us in between.
Each conversation continuously rotates its encryption keys. Compromise of a current key does not expose past communications.
Our revenue is licence fees. We do not analyse, train on, or sell what you say.
Operating under UK GDPR with clear obligations on data minimisation, transparency, and your right to erasure.
Published responsible-disclosure contact. Certificate-authority restrictions in DNS. HTTPS-everywhere with strict transport security.
The security model is the same whether you trust us or not. Your data stays protected by mathematics, not by policy.
SRA Risk Outlook flagging shadow comms. FCA Consumer Duty and operational resilience expectations. ICO enforcement on consumer-app data leakage.
Schrems II, CLOUD Act, and EU-US data-transfer instability mean UK regulated firms need credibly UK-controlled infrastructure.
Boards want to know what their staff communications expose to third-party model training. Consumer apps cannot answer that question.
Premiums and coverage now depend on auditable communications controls. "We use WhatsApp" is increasingly an underwriting red flag.
Defence-supplier reviews, NHS DSPT, government framework due-diligence all asking the same question: can you prove how your team communicates?
Runs on your own UK / EU perimeter. You hold the operational keys. Single VM for smaller teams, HA cluster for larger ones — both supported as first-class deployments.
You own the licence; we operate the instance on your cloud account. Useful if your team wants the trust posture without the ops overhead. Charged separately as a service.
UK-only managed deployment for sovereignty-sensitive customers. Government framework deployments handled as a bespoke engagement with separate commercial terms.
UK-incorporated operator. Source-escrow available. Perpetual licence option. Lock-in is not in the business model.
Perpetual licence. No subscription. No annual renewal pressure. After the first 12 months you choose whether to take updates.
Runs entirely on infrastructure you control. We have no operational access to your messages, calls, files or metadata — by design, not by promise.
Fixed cost on signature. Predictable annual maintenance fee for security patches, version upgrades and support. No per-seat creep, no usage spikes.
Source-escrow option available. If we disappear, you keep running it. Your audit trail, retention policies, and discovery exports all stay with you.
The tradeoff: you provide the infrastructure and your IT looks after it. We support it; you don't depend on us to keep the lights on.
All tiers ship the full feature set — encryption, calls, recordings, retention, legal hold, eDiscovery, attestation. The tier reflects your headcount and the deployment shape it needs.
| Tier | Shape | Compute | Storage | Indicative cost |
|---|---|---|---|---|
| Starter | 1 VM | 4 vCPU · 16 GB RAM | 500 GB SSD | ~£60–100 / month cloud or £3–5k server |
| Growth | 2 VMs (app + DB) | 8 vCPU · 32 GB · app 4 vCPU · 16 GB · DB | 500 GB SSD on DB | ~£200–400 / mo cloud |
| Business | 4–5 VMs (HA cluster) | 2× 16 vCPU · 32 GB app Postgres HA pair (Patroni) Dedicated TURN | 1 TB SSD + S3 object | ~£800–1,500 / mo cloud |
| Enterprise | Multi-region cluster | Custom architecture Reviewed with your IT | Tiered storage + CDN | £3,000+ / mo cloud |
Sizing assumes ~20% concurrent active during peak, 1–3 devices per user, 10–15% in calls at peak, 1-year horizon. Your IT can request a custom sizing review.
End-to-end encrypted messaging, calls, meetings, group chats, compliance toolkit, admin portal, SSO, discovery export, self-hosting. UK-incorporated and operational.
Submitted to App Store and Google Play. Same security model as web. Push, biometric app lock, lock-screen ringing.
External audit underway. Information security management system documented and operated. Publishable to procurement reviewers on completion.
On the path to G-Cloud / Digital Marketplace. SOC 2 Type I for US-buyer-ready customers. Sovereign-cloud bespoke deployments for defence/government supply chain.
No credit card. Auto-deleted when you leave. Walks through end-to-end encryption, retention policies, legal hold, discovery export, and the admin portal — with real seeded data.
info@chattriix.com · colab.chattriix.com · Security & DPA on request
Thank you.
info@chattriix.com · demo.chattriix.com · colab.chattriix.com