Email Automation
For Business
Operational emails often span the CRM, finance system, marketing platform and personal inboxes. We document the flows, assign ownership and move the important ones into a monitored system with clear consent and failure handling.
£38 : £1
DMA UK EMAIL ROI BENCHMARK
2% / 37%
AUTOMATED: SHARE OF SENDS / SHARE OF SALES (OMNISEND, 2025)
£140k
ICO FINE, HELLOFRESH, JAN 2024
Most "email automation" is one person, a folder of templates, and good intentions
Someone set up an Outlook rule three years ago. Marketing built a welcome series in Mailchimp that ends after email two. A Zap fires off invoice reminders, except when Stripe changes its webhook payload. The sales team copy-paste a follow-up sequence into Gmail by hand.
It mostly works. Until a customer doesn't get their receipt. Until two reminders go to the same person on the same day. Until Gmail and Yahoo's February 2024 bulk-sender rules catch a missing authentication record. Until the ICO writes to ask about your consent records.
Email is one of the few channels customers genuinely want, and one of the few your business owes them. It deserves a system, not a folder of rules.
WHAT YOU HAVE TODAY
- Outlook and Gmail rules nobody documented
- Three ESPs, each sending half a journey
- SPF and DKIM half-set, no DMARC report ever read
- Unsubscribe is a link to a 404
- No idea what bounced, who complained, or why
- Consent stored as "they're on the list"
WHAT WE LEAVE YOU WITH
- One place every email is defined, named and version-controlled
- Transactional and marketing on the right sender, not muddled
- SPF, DKIM and DMARC aligned, reports read weekly
- One-click unsubscribe that works (RFC 8058)
- Bounces, complaints and silent failures alerted
- Consent logged per subscriber, exportable for ICO
What reliable email automation needs
If any one of these is missing or wrong, the others can't save you. It's a stack, not a checklist.
Triggers
What kicks the email off. A sale, a sign-up, a CRM stage change, a timer, a Stripe webhook, an internal alert. Defined once, reused everywhere.
Logic
Branches, waits, quiet hours, frequency caps, suppression. The bit that stops you sending two reminders in an hour or chasing a customer who's already paid.
Content
Templates, merge fields, plain-text fallback, a working unsubscribe, real branding. Reviewed by a human, not "improved" by the ESP's drag-and-drop.
Delivery
SPF, DKIM, DMARC aligned. Dedicated IP or warmed shared pool. Transactional split from marketing. Compliance with Google, Yahoo and Microsoft's May 2025 Outlook.com bulk-sender rules.
Observability
Every send logged, every bounce and complaint surfaced, silent failures paged. The bit you only notice the day a customer says "I never got that".
Problems we find in email setups
Across recruiters, accountants, online stores and SaaS companies, the recurring problems are weak authentication, broken journeys, poor consent records and nobody watching delivery.
Receipts going to spam
Order confirmations from noreply@yourcompany.com sent through Mailchimp with no DKIM alignment. Since February 2024, Gmail's bulk-sender rules have expected proper authentication. Customers don't get the receipt. Support ticket every time.
Half-built journeys
The onboarding sequence has emails one and two. The win-back has the subject line and nothing else. The renewal warning fires the day after the card expires. The high-intent flows are the ones most likely to be half-finished.
PECR drift
A pre-ticked box on the signup form. A "soft opt-in" list that includes prospects who never bought. Marketing emails sent to personal addresses with no lawful basis recorded. The ICO fined HelloFresh £140,000 in January 2024 after 79 million emails and 1 million texts sent under a bundled consent statement.
Unsubscribe doesn't unsubscribe
Three ESPs, three lists, one opt-out that only touches one of them. Or the unsubscribe link goes to a "manage your preferences" page that asks the user to log in. The 2024 Gmail rules require marketing and subscribed messages from bulk senders to support one-click unsubscribe, and Google says unsubscribe requests must be processed within two days.
Nobody watches the dials
Bounce rate, complaint rate, queue depth, time-to-send. We turn up and the dashboards either don't exist or nobody opens them. Google tells senders to keep spam rates below 0.1% and avoid 0.3% or higher. You find out by accident, three months late.
How we take it into live use
Audit first. Then a fix-the-foundations sprint. Then the automation you wanted, on top of something that won't fall over.
We work with your existing ESPs where they're the right tool, and replace them where they're not. You're not buying a platform; you're buying the engineering judgement to put one together.
BOOK AN EMAIL AUDITAudit
We catalogue every email leaving your business. Which template, which sender, which list, on whose consent. We pull DMARC reports, check SPF and DKIM, score you against the Google, Yahoo and Microsoft bulk-sender rules. You get a one-page report and a prioritised fix list.
Foundations sprint
DNS records aligned. Transactional split from marketing onto separate subdomains. One-click unsubscribe wired up. Consent records back-filled where defensible. Bounce, complaint and queue alerts plumbed into Slack or PagerDuty.
Build the automations
The flows your business needs. Onboarding sequence that finishes. Renewal warnings that fire before the card expires. Abandoned-cart series, sales follow-ups, post-purchase, review requests, win-back, internal digests. Tested end-to-end with real fixtures, not "looked good in preview".
Hand back something you can run
A single inventory of every automated email, who it goes to, why, and on whose authority. Dashboards your operations lead checks. A written list of which changes a marketer can make in the ESP and which need a developer. Optional retainer if you'd like us watching the dials with you.
Email flows that keep the business running
These messages sit inside the operating process. Customers notice quickly when one is late, wrong or missing.
Transactional
Receipts, order confirmations, shipping updates, password resets, invoices, contracts.
Lifecycle
Welcome series, onboarding nudges, activation reminders, renewal warnings, win-back.
Sales
Cold sequences, meeting confirmations, proposal chase, quote follow-ups, hand-off to a human at the right moment.
E-commerce
Abandoned cart, browse abandonment, post-purchase, replenishment, review requests. Boring until the orders stop coming back.
Support
Auto-acknowledgements that don't lie about response times, ticket updates, CSAT and NPS surveys.
Internal
Weekly digests, KPI roundups, anomaly alerts, "this thing needs a human" pings to the right person.
Compliance
GDPR re-consent, expiring card warnings, document signature chasers, audit-trail exports for the ICO.
AI-assisted
Triage of inbound replies, draft personalisation per recipient, intent detection on responses, optional human review before send. Kept on a short leash and logged.
Operational and compliance risks
Three things that have happened, drawn from public regulator notices and sender guidance.
HelloFresh, £140,000.
The ICO fined HelloFresh £140,000 after the company sent 79 million spam emails and 1 million spam texts over seven months. Consent for email marketing had been bundled with age confirmation.
ZMLUK, £105,000.
The ICO fined ZMLUK Limited £105,000 in January 2026 for 67,772,285 marketing emails sent between January and July 2023 without valid consent. The data came mainly from a third-party website where people weren't given clear and informed choices about marketing.
The 2024 bulk-sender change.
Google and Yahoo began enforcing bulk-sender requirements in February 2024. Gmail requires SPF, DKIM and DMARC for bulk senders, From-domain alignment, one-click unsubscribe for marketing and subscribed messages, and spam rates kept below 0.1%.
Sources: ICO press releases (Jan 2024, Jan 2026); Google Workspace Admin Help and Yahoo Sender Hub guidance; Microsoft Outlook sender policy; IETF RFC 8058; DMA UK Email Benchmarking Report 2025; Omnisend Ecommerce Marketing Report 2025.
Operational messages need an owner and a record
AM2PM assessment reminders and status updates are part of the recruitment workflow rather than a separate marketing campaign. The system knows the candidate, the event that triggered the message and what should happen next.
When this is worth discussing
We work best when there is a real operating problem, enough volume to measure and people from the affected teams who can make decisions.
Usually a good fit
- An established UK business, usually with annual revenue above £10m
- A repeated process with a known cost, delay, error rate or capacity problem
- A senior sponsor and a day-to-day owner who understand the work
- Access to the relevant staff, systems, sample records and security requirements
We may point you elsewhere
- A standard product already covers the process well
- The requirement is a one-off small build with no wider operating case
- There is no owner or access to the people and data needed to test the result
- The plan relies on AI making high-impact decisions with nobody responsible for review
Questions before connecting the systems
We're already on Mailchimp / HubSpot / Klaviyo. Do you replace it?
Usually no. We use the platform you've already trained your team on, and we put proper engineering around it. We'll only suggest a move if the current tool is the reason things are breaking, and we'll tell you what the migration costs before you commit.
What about transactional? Stripe, Auth0, the app itself.
That's most of where we start. Transactional email is what your customers expect within seconds and what marketing teams shouldn't be touching. We route it through Postmark, Amazon SES or your preferred provider, on a separate subdomain so it doesn't share reputation with the newsletter.
We B2B email cold prospects. Are we breaking the law?
PECR carves out "corporate subscribers": companies, LLPs and Scottish partnerships. You can email them without prior consent. UK GDPR still applies to personal addresses (alex.hawke@company.com is personal data), so you need a lawful basis, a clear unsubscribe and accurate records. We'll tell you, in the audit, where your B2B list is fine and where it isn't.
Why does any of this need a developer? It's just email.
Because the bit that breaks is never the email. It's the trigger that fires twice, the webhook that retries silently, the consent record that didn't save, the merge field that renders {{first_name}} to a customer. The drag-and-drop builder is only the visible bit.
How long until something visible changes?
The first phase inventories the flows, fixes authentication and gives one important message a clear owner, monitoring and failure path. Other messages follow after that pattern is working.
How much does it cost?
Audit is fixed-fee. Foundations sprint is priced per finding. The build phase is scoped against your flow list, fixed price per phase. You get the number before we touch a record.
Do you do "AI emails"?
Yes, when it earns its keep. Reply triage, intent detection on responses, draft personalisation per recipient, sometimes the body of a sales follow-up where the context is rich enough. We keep a human in the loop on anything that could embarrass you, and we log every prompt and output. We won't auto-send something we wouldn't be happy to put our name to.
Talk to us about your email setup
Send us the current flow list, sending domains, platforms and recent failures. We will identify the messages that need central ownership and the first automation worth rebuilding.