For Organisations

How organisations use SemaFore

Every SemaFore account belongs to an organisation. There are no personal SemaFore accounts. This is a deliberate architectural decision: the platform is built for organisations that need to control who participates in their communications, and to be confident that when someone leaves, their access ends immediately.

Getting started

SemaFore organisations are provisioned through a sales-led onboarding path or through the evaluation programme. Procurement-led teams can discuss architecture, data processing, deployment, and commercial terms before an organisation is created: Get a briefing.

If you want hands-on access before formal procurement, apply to the SemaFore evaluation programme. Approved evaluations are provisioned as managed SemaFore organisations with the same security model as production customers.

Typical deployment

A typical rollout usually unfolds in two steps:

Day one. Once the organisation is provisioned, the administrator adds employees by phone number. Each receives a verification SMS. They download the SemaFore app, verify their identity, and appear in the portal for approval.

Ongoing. The administrator approves new users, manages access as people join and leave, and reviews the audit log. Employees communicate. The platform runs without intervention.

What your administrator can and cannot do

Can:

• Add, approve, disable, and remove employees
• See who is in the organisation and when they were added
• Review the administrative audit log in full
• Configure organisation-wide notification settings
• Export the organisation’s administrative data
• Manage billing and subscription from the portal

Cannot:

• Read message content
• Access encryption keys
• Retroactively alter the audit log
• Impersonate another employee’s messaging session

This balance — full control over access, no access to content — is intentional. Your administrator needs to be able to run the platform without being able to compromise its confidentiality guarantees.

Pricing

Evaluation programme Hands-on access for approved evaluators before formal procurement. Full SemaFore architecture: end-to-end encryption, admin portal, iOS and Android apps, audit log.

Professional — £9 / user / month (annual) · £11 / user / month (monthly) No seat ceiling. 90-day audit log retention with CSV export, in-app admin metrics, message delivery indicators, email support.

Enterprise — custom pricing For organisations that need a negotiated contract, dedicated support SLA, or a DPA tailored to specific regulatory requirements. Includes everything in Professional plus unlimited audit log retention, 4-hour SLA, dedicated customer success manager, and custom contract. Get a briefing about requirements and timelines.

Data processing

SemaFore processes the following data on behalf of your organisation:

• Employee phone numbers (for authentication)
• Message ciphertext (queued for delivery; not retained after delivery)
• Delivery metadata (timestamps, delivery status)
• Administrative actions (for the audit log)
• Device registration information

We are the data processor. Your organisation is the data controller. We will sign a Data Processing Agreement appropriate to your jurisdiction. A standard DPA is available on request: hello@attomus.com.

SemaFore is hosted on Attomus-operated UK infrastructure. Data transfer to third countries does not occur in the managed service configuration.

Security and compliance

Security review should not need a product tour. Send over a questionnaire, or book a technical call if your engineering team wants to test the architecture.

Independent penetration test summaries are available to enterprise customers under NDA. For implementation-level review, see the Architecture and Threat Model on docs.semafore.io.

Key recovery, onboarding boundaries, retention, and audit are covered in Security Approach.

Get a briefing or write to hello@attomus.com.