Northgate Digital provides reliable, compliant transactional email and messaging infrastructure for SaaS providers, financial services firms, and enterprise software companies across the United Kingdom and Europe.
Trusted by enterprise teams across the UK and Europe
We provide the communication backbone that enterprise platforms depend on — with strict compliance controls built in from day one.
High-throughput, low-latency email delivery for account notifications, receipts, alerts, and system messages — not bulk campaigns.
TLS-enforced SMTP relay with authentication, rate limiting, and dedicated egress paths for separation of sending streams.
RESTful API with comprehensive SDKs for Node.js, Python, PHP, and Java. Designed for straightforward integration into existing platforms.
Guided setup and ongoing monitoring for SPF, DKIM, and DMARC. Enforcement of authentication as a prerequisite for sending.
Granular reporting on delivery rates, bounce categorisation, complaint signals, and engagement data through a structured dashboard.
Automated suppression of hard bounces and complaint addresses. Real-time alerts when thresholds approach risk levels.
Founded in 2021 and headquartered in London, Northgate Digital Ltd was established to address a gap in the UK market: enterprise-grade communication infrastructure designed from the outset for UK GDPR and PECR compliance, rather than adapted from US-market platforms.
We serve clients who cannot afford to compromise on deliverability, data residency, or regulatory adherence. Our infrastructure is built, operated, and supported by a UK-based team.
Learn more about us →Northgate Digital Ltd is a London-based technology company providing secure, compliant transactional messaging infrastructure to regulated and enterprise clients across the UK and Europe.
Northgate Digital was founded on the premise that reliable communication infrastructure and strict regulatory compliance are not in tension — they are mutually reinforcing. Businesses that maintain high deliverability standards do so precisely because they operate compliant, opt-in programmes.
We built our platform from the ground up to enforce the practices that protect both our clients and their recipients. Every account undergoes manual review and identity verification before activation. Sending must originate from authenticated domains. Volume is ramped progressively to protect IP reputation. Our policy team reviews all use cases prior to approval.
We serve a limited number of clients by design. We are not a high-volume, self-serve email blasting service. We are a specialist infrastructure partner for businesses with serious deliverability and compliance requirements.
Northgate Digital Ltd registered at Companies House. Core infrastructure team assembled in London.
Initial platform launched with a dedicated IP pool and compliance review process. First client: a UK-based fintech SaaS platform.
Full RESTful API launched with SDK support. Webhook delivery confirmations and bounce event streaming introduced.
Secondary infrastructure nodes established within the EEA to support European data residency requirements.
Real-time compliance health monitoring, domain authentication status, and reputation scoring introduced for all accounts.
99.2% delivery rate maintained. Abuse detection system enhanced. DMARC enforcement made mandatory for all sending domains.
Our platform provides the building blocks that enterprise and SaaS platforms need to send transactional messages reliably, securely, and in full regulatory compliance.
Our core infrastructure supports high-volume, low-latency delivery of transactional messages: account confirmations, password resets, invoice notifications, system alerts, and similar time-sensitive communications.
We draw a strict distinction between transactional messaging and marketing or bulk campaigns. Our infrastructure is provisioned, configured, and governed specifically for transactional use cases.
Our SMTP relay provides authenticated, TLS-encrypted message submission for clients whose platforms natively support SMTP. Port 587 with STARTTLS is the standard submission method; TLS-wrapper (port 465) is also supported.
SMTP AUTH (PLAIN/LOGIN) over TLS is mandatory. Unauthenticated submission is not permitted under any circumstances.
All connections must use TLS 1.2 or higher. Legacy SSL connections and unencrypted sessions are rejected at the listener level.
Per-account and per-IP rate limits are enforced to protect shared infrastructure and comply with ISP inbound policies.
The Northgate Digital API provides a RESTful interface for programmatic message submission, account management, and delivery event retrieval. Authentication uses API keys transmitted over HTTPS.
# Example: Send a transactional message via API
POST https://api.northgatedigital.co.uk/v2/messages/send
# Request body (JSON)
{
"from": "noreply@yourdomain.co.uk",
"to": "user@example.com",
"subject": "Your receipt from Acme Ltd",
"message_type": "transactional",
"html_body": "<p>Thank you for your order...</p>",
"text_body": "Thank you for your order...",
"headers": {
"X-Client-ID": "client_4821"
}
}
# Response (201 Created)
{
"message_id": "msg_01HXKG3R2BV7N4PQ9YJWF6ZD8",
"status": "queued",
"queued_at": "2025-06-12T14:22:07Z"
}
Domain authentication is a prerequisite for sending through our platform. We require verified SPF, DKIM, and DMARC records on all sending domains before activation. Our onboarding team provides guided implementation support.
Specifies which mail servers are authorised to send on behalf of your domain. Prevents spoofing by verifying the sending IP.
Cryptographic signing of outgoing messages. Verifies message integrity and confirms that content has not been altered in transit.
Policy layer that instructs receiving mail servers on how to handle messages that fail SPF or DKIM. Enforcement policy (p=reject) is the target state for all accounts.
All clients have access to a structured dashboard providing real-time and historical data on delivery outcomes, bounce categories, complaint rates, and API usage.
Track accepted, delivered, deferred, bounced (hard and soft), and complaint events at message level.
Bounce events are categorised automatically. Hard bounces are permanently suppressed. Soft bounces are monitored and retried per policy.
Spam complaint signals received via ISP feedback loops are processed in real time. Recipients who complain are immediately suppressed.
Our clients operate in environments where reliability, compliance, and data security are not optional. We understand the requirements of each sector we serve.
Banks, investment platforms, insurance providers, and payment processors depend on us for account alerts, transaction confirmations, regulatory notices, and compliance communications. FCA-regulated entities require particular diligence around data handling and audit trails.
Software platforms integrate our API to deliver account lifecycle messages, feature notifications, billing communications, and system alerts. We support high-volume transactional sending with consistent deliverability.
Online retailers and marketplaces rely on our infrastructure for order confirmations, dispatch notifications, return acknowledgements, and customer account communications. Opt-in compliance is verified during onboarding.
Health technology platforms communicating with patients, clinicians, or administrators require heightened data protection standards. We support UK GDPR Article 9 special category considerations in our data handling practices.
Law firms, accountancy practices, and professional services organisations use our infrastructure for client correspondence, document delivery notifications, and case update communications.
Large-scale enterprise software deployments with internal and external notification requirements benefit from dedicated IP infrastructure, high-volume capacity, and audit log access.
All pricing is exclusive of VAT. Accounts are subject to manual review and approval prior to activation. Volume pricing available on request.
Important: All accounts require manual review and approval prior to activation. Activation is not automatic. Our compliance team will review your use case, verify your identity and business registration, and confirm that your sending programme complies with our Acceptable Use Policy before granting access. Northgate Digital does not provide services for unsolicited bulk email, purchased list campaigns, or any sending activity that does not rely on confirmed opt-in consent from recipients.
Integration guides, API references, and configuration documentation for Northgate Digital infrastructure services.
This guide covers the steps required to activate your Northgate Digital account and send your first transactional message. Note that your account must be approved by our compliance team before any API keys are issued.
After submitting your access request, our team will contact you to verify your identity and business registration. You will need to provide your Companies House registration number (or equivalent for non-UK entities), primary business domain, and a description of your sending use case.
Before your account is activated, you must add the following DNS records to your sending domain. Our onboarding team will provide your specific DKIM public key.
# SPF record — add to your domain's DNS
TXT @ "v=spf1 include:spf.northgatedigital.co.uk ~all"
# DKIM record — use the selector provided during onboarding
TXT ngd1._domainkey "v=DKIM1; k=rsa; p=MIGfMA0GCSq..."
# DMARC record — minimum required policy
TXT _dmarc "v=DMARC1; p=quarantine; rua=mailto:dmarc@northgatedigital.co.uk"
Once your domain authentication is verified, your API key will be issued via the client dashboard. API keys are prefixed with ngd_live_ for production and ngd_test_ for sandbox.
// Node.js example using the official SDK
const { NorthgateClient } = require('@northgatedigital/node-sdk');
const client = new NorthgateClient({
apiKey: 'ngd_live_your_api_key_here'
});
await client.messages.send({
from: 'noreply@yourdomain.co.uk',
to: 'user@example.com',
subject: 'Your account has been activated',
messageType: 'transactional',
htmlBody: '<p>Welcome to the platform.</p>'
});
A full account of the technical and organisational measures we apply to protect client data and ensure the responsible use of our infrastructure.
All data transmitted between clients and our infrastructure is encrypted using TLS 1.2 or higher. TLS 1.0 and 1.1 are disabled. Message relay between our infrastructure and receiving mail servers uses opportunistic TLS where supported by the remote host, with forced TLS for supported enterprise domains.
SPF, DKIM, and DMARC records are mandatory for all sending domains. Accounts are not activated until authentication records are verified by our onboarding team. Authentication status is monitored continuously, and accounts are suspended if records are removed or become invalid.
Our automated abuse detection system continuously analyses sending patterns, complaint rates, bounce rates, and content signals. Anomalous activity triggers automated alerts and may result in temporary rate throttling or account suspension pending review by our abuse team.
Business and Corporate plan clients are assigned dedicated IP addresses that are not shared with other senders. IP addresses are monitored against all major blacklists (Spamhaus ZEN, Barracuda, SURBL, and others) with immediate alerting on any listing events.
To request platform access, speak to our sales team, or raise a support enquiry, please use the form below or contact us directly.
We typically respond within one business day. Access requests require a compliance review and may take 2–5 business days.
How Northgate Digital Ltd collects, uses, and protects personal data.
Northgate Digital Ltd (Company No. 14782391, VAT No. GB 427 8831 09), 4th Floor, 33 Cavendish Square, London W1G 0PW, is the data controller for personal data collected through this website and in connection with our services. We are registered with the Information Commissioner's Office (ICO).
We collect and process the following categories of personal data:
We process personal data on the following lawful bases:
Message metadata is retained for 30 days by default. Account data is retained for the duration of the client relationship and for six years thereafter, in accordance with UK tax and legal record-keeping requirements. Log data is retained for 12 months.
Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place (Standard Contractual Clauses or adequacy decisions). Our primary infrastructure is hosted within the UK and EEA.
Under UK GDPR, you have the right to access, rectify, erase, restrict processing of, and port your personal data. You also have the right to object to processing and to lodge a complaint with the ICO (ico.org.uk). To exercise these rights, contact: privacy@northgatedigital.co.uk.
For privacy-related queries, contact our Data Protection contact at privacy@northgatedigital.co.uk or write to our registered office address.
The terms governing your use of Northgate Digital services.
These Terms of Service ("Terms") constitute an agreement between you (the "Client") and Northgate Digital Ltd, a company registered in England and Wales (Company No. 14782391) ("Northgate Digital", "we", "us").
Northgate Digital provides transactional email infrastructure, SMTP relay, and communication API services as described in our service documentation. Access to the platform is subject to successful completion of our compliance review and approval process.
All accounts require manual review and approval. We reserve the right to decline any access request without providing a reason. Account activation does not occur automatically upon payment. We may request additional documentation or information as part of our onboarding review.
Your use of our services is governed by our Acceptable Use Policy. Sending unsolicited email, using purchased mailing lists, sending to recipients who have not explicitly opted in, or any other prohibited activity will result in immediate account suspension. See our Acceptable Use Policy for the complete list of prohibited activities.
Invoices are issued monthly in advance. Payment is due within 14 days of invoice date. We accept bank transfer and card payment. All fees are exclusive of VAT, which will be added where applicable at the prevailing rate.
To the maximum extent permitted by law, our total liability to you for any claim arising in connection with these Terms shall not exceed the fees paid by you in the three months preceding the claim. We are not liable for indirect, consequential, or special losses.
Either party may terminate the agreement with 30 days' written notice. We may suspend or terminate your account immediately if you breach these Terms or our Acceptable Use Policy.
These Terms are governed by the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of the English courts.
The rules governing permitted use of Northgate Digital infrastructure.
This Acceptable Use Policy ("AUP") sets out the rules that govern all use of Northgate Digital Ltd infrastructure. By using our services, you agree to comply with this AUP in full. Violation of any provision may result in immediate account suspension without notice or refund.
Our infrastructure is provided exclusively for transactional messaging: communications that are triggered by a specific action taken by the recipient, or that are necessary to fulfil a service the recipient has actively requested. This includes:
The following activities are strictly prohibited under all circumstances:
All sending must be based on confirmed, explicit opt-in consent from each recipient. You must be able to demonstrate, upon request, when and how consent was obtained for any recipient address. Consent must be freely given, specific, informed, and unambiguous. Pre-ticked boxes and bundled consent do not satisfy UK GDPR or PECR requirements.
We monitor all sending activity on our platform using automated systems and manual review. Where a violation of this AUP is detected or suspected, we may without prior notice: throttle or suspend sending; suspend the account; terminate the agreement; and/or report the activity to relevant authorities or anti-abuse organisations.
Account suspensions for AUP violations are not eligible for refund of prepaid fees.
To report abuse originating from Northgate Digital infrastructure, contact abuse@northgatedigital.co.uk. We take all abuse reports seriously and investigate them promptly.
Protected by TLS 1.3 encryption · Northgate Digital Ltd · Co. No. 14782391
Acme Corp Ltd · Account ID: acc_01HXKG3R2BV