Sales system
Your automated
pipeline — built.
Every lead from the audit tool gets a personalised email within 5 minutes, three intelligent follow-ups, and an automatic call booking. Zero manual work until the meeting happens.
Audit completed
High / medium / low risk result
Email 1 sent
Within 5 minutes, personalised
No reply? Day 3
Follow-up with urgency angle
No reply? Day 7
Final email, different hook
Reply / click
Bot drops booking link
Call booked
In your calendar automatically
5min
First email after audit completion
9
Email templates across 3 risk tiers
£63
Total monthly cost of full system
0
Manual actions until the call starts
01
Professional email address
Get hello@guardlayer.co.uk via Google Workspace. All outreach comes from here — builds domain trust and deliverability. Never use a free Gmail address for sales.
Google Workspace
£5/month
02
Booking bot setup
Cal.com connects to your Google Calendar. Set available demo slots. You get a permanent link: cal.com/guardlayer/demo — paste it everywhere.
Cal.com
£12/month
03
AI email sequences
Instantly.ai sends personalised emails using the 9 templates in this playbook. Load the templates, connect your email, set the triggers. Done once, runs forever.
Instantly.ai
£37/month
04
Connect everything
Make.com watches for audit completions, fires leads into Instantly, logs them in your CRM sheet, and sends you a WhatsApp when a call books.
Make.com
£9/month
Email sequences
9 templates. 3 tiers.
Personalised automatically.
Each sequence matches the lead's audit risk level. High-risk leads get urgency and specificity. Low-risk leads get a softer, educational approach. All include the booking link.
Variables in blue are auto-filled by Instantly.ai from the audit data. Copy each email into Instantly as a step in the relevant sequence.
⚠ High risk
◉ Medium risk
✓ Low risk
⚠ High risk leads
These platforms have 2+ critical OSA failures. Maximum urgency. Specific findings. Short, sharp emails. Goal: book a call within 48 hours of audit.
Email 1 — Immediate (within 5 minutes)
Send delay: 5 minutes after audit
Subject line
Your GuardLayer audit — [Platform name] has active compliance failures
Email body
Hi [First name],
I noticed you just completed our Online Safety Act compliance audit for [Platform name].
Your result flagged [number of critical failures] active compliance failures — including [top failure, e.g. "no children's risk assessment"].
Under the OSA, these aren't future concerns. They're current legal breaches that Ofcom can act on now, with fines up to £18 million or 10% of global revenue.
GuardLayer closes every gap we identified — typically within 48 hours of integration. I'd like to walk you through exactly what that looks like for [Platform name].
Do you have 30 minutes this week?
→ Book a call: cal.com/guardlayer/demo
James
GuardLayer
hello@guardlayer.co.uk
Why this works: References their specific audit result immediately. Uses their platform name twice — feels personal, not automated. Single CTA. Under 150 words.
Email 2 — Day 3 (no reply)
Send delay: 72 hours after Email 1, if no reply
Subject line
Re: [Platform name] — Ofcom's Phase 3 deadline is July 2026
Email body
Hi [First name],
Following up on my note about your compliance audit.
One thing worth knowing: Ofcom's Phase 3 duties arrive in Summer 2026 — adding new transparency reporting and categorisation obligations on top of the existing failures your audit flagged.
Platforms that aren't compliant by then are moving from "we should fix this" to "Ofcom is actively investigating us."
We've helped platforms in your position go from flagged to fully compliant in under a week.
Worth 30 minutes to see if we can do the same for [Platform name]?
→ Pick a time: cal.com/guardlayer/demo
James
GuardLayer
Why this works: Adds new information (Phase 3 deadline) rather than repeating the first email. Creates time urgency without being aggressive. Thread reply keeps it in context of first email.
Email 3 — Day 7 (final)
Send delay: 7 days after Email 1, if no reply
Subject line
Last note from GuardLayer — [Platform name]
Email body
Hi [First name],
I'll keep this brief — I know your inbox is busy.
[Platform name] still has [number] active OSA compliance failures from your audit. I don't want to keep nudging you if now isn't the right time.
But if protecting children on your platform and avoiding Ofcom enforcement is on your list for this quarter — even just to understand what's involved — I'm here.
30 minutes. Free. No pressure.
→ cal.com/guardlayer/demo
If I don't hear back, I'll leave you to it — and you're always welcome to reach out when the timing works.
James
GuardLayer
Why this works: Acknowledges the silence without guilt-tripping. Keeps the door permanently open. The "protecting children" line reframes from compliance obligation to genuine purpose. Final emails with this tone consistently outperform aggressive follow-ups.
◉ Medium risk leads
These platforms have 1 critical failure or 2+ warnings. Softer urgency. Educational tone. Goal: book a call within the week before they deprioritise it.
Email 1 — Immediate (within 5 minutes)
Send delay: 5 minutes after audit
Subject line
Your GuardLayer audit — a few gaps worth closing for [Platform name]
Email body
Hi [First name],
Your compliance audit for [Platform name] came back medium risk — which means you've made solid progress, but there are still gaps Ofcom could flag.
Specifically: [top warning, e.g. "no age assurance in place"] is a requirement under the Protection of Children code that came into force in July 2025.
The good news is these are straightforward to fix — GuardLayer handles the technical integration and generates all your compliance documentation automatically.
Happy to walk you through it in 30 minutes?
→ Book a call: cal.com/guardlayer/demo
James
GuardLayer
hello@guardlayer.co.uk
Why this works: Acknowledges their progress ("solid progress") before identifying gaps — avoids making them feel attacked. Specific about what the gap is. Friendly, not alarming.
Email 2 — Day 4 (no reply)
Send delay: 96 hours after Email 1, if no reply
Subject line
Quick question about [Platform name]'s compliance roadmap
Email body
Hi [First name],
Following up briefly — I wanted to share something that might be useful regardless of whether we work together.
Ofcom published updated guidance for gaming platforms in late 2025. The key change: annual compliance reviews are now expected, not just one-time risk assessments.
That means the gaps in your current setup compound over time — what's a warning today becomes a failure at the next review if it isn't addressed.
GuardLayer auto-generates your annual review documentation alongside the fix. Saves your team significant time.
Worth a conversation?
→ cal.com/guardlayer/demo
James
Why this works: Leads with genuinely useful information, not a sales pitch. The annual review angle is new information they likely didn't know. Positions GuardLayer as helpful rather than pushy.
Email 3 — Day 10 (final)
Send delay: 10 days after Email 1, if no reply
Subject line
Closing the loop — [Platform name]
Email body
Hi [First name],
Last note — I promise.
Your audit showed [Platform name] is most of the way there on OSA compliance. Closing the remaining gaps is genuinely not a big lift with the right tool.
If this lands at a better time in the next few months, our free audit and call are always available at guardlayer.co.uk.
Stay safe out there.
James
GuardLayer
Why this works: Extremely short. Ends on warmth, not urgency. "Stay safe out there" is memorable and consistent with the brand's purpose. Leaves a positive impression that makes them think of you when the timing is right.
✓ Low risk leads
These platforms are largely compliant. Nurture approach. Goal: plant the seed for Phase 3 duties and stay top of mind when they need an upgrade.
Email 1 — Day 1 (slower send for low risk)
Send delay: 24 hours after audit
Subject line
[Platform name] — you're ahead of most. Here's what's coming next.
Email body
Hi [First name],
Your compliance audit came back low risk — which genuinely puts [Platform name] ahead of the vast majority of platforms we see.
I wanted to reach out because staying compliant is an ongoing process, not a one-time checkbox.
Ofcom's Phase 3 categorisation duties arrive this summer, introducing new transparency reporting requirements and categorisation obligations. Platforms that are compliant today still need to prepare for these.
GuardLayer automates the ongoing compliance work — risk assessment reviews, transparency reports, and child safety monitoring — so you don't have to rebuild from scratch every time Ofcom updates its codes.
No urgency here. But if you'd ever like a free 30-minute walkthrough of what Phase 3 means for [Platform name], I'm happy to help.
→ cal.com/guardlayer/demo
James
GuardLayer
Why this works: Opens with genuine praise — they've earned it. Doesn't create false urgency. Positions GuardLayer as a long-term partner, not an emergency service. These leads convert slower but have higher lifetime value.
Email 2 — Day 14 (no reply)
Send delay: 14 days after Email 1, if no reply
Subject line
One thing most compliant platforms miss
Email body
Hi [First name],
One quick thing I didn't mention last time.
Even for platforms with strong compliance foundations, voice chat monitoring is the gap that trips most people up — especially with children.
Text moderation is well-understood. Voice chat in games is still largely unmonitored, and it's where most predatory contact with children actually happens. Ofcom has specifically flagged this as a focus area for 2026.
GuardLayer covers both — text and voice — in one integration.
Might be worth 20 minutes just to see how it works.
→ cal.com/guardlayer/demo
James
Why this works: Introduces a completely new angle — voice chat — that even compliant platforms haven't thought about. Short, specific, and genuinely useful. Good hook for gaming platforms especially.
Email 3 — Day 30 (long-term nurture)
Send delay: 30 days after Email 1, if no reply
Subject line
Ofcom update — July 2026 deadlines confirmed
Email body
Hi [First name],
Quick heads up — Ofcom confirmed this month that Phase 3 categorisation duties and new transparency reporting requirements come into effect in July 2026.
For platforms like [Platform name] that are already largely compliant, this is primarily about adding the Phase 3 layer before the deadline rather than fixing critical failures.
GuardLayer auto-generates the transparency reports Ofcom requires, updated automatically as guidance changes.
If July feels relevant, I'm here.
→ cal.com/guardlayer/demo
James
GuardLayer
Why this works: Reads like a useful update, not a sales email. Sent 30 days later when the timing may be more relevant. These "update" style emails consistently get higher open rates because they feel like genuine outreach rather than a follow-up sequence.
Setup playbook
From zero to running
in one afternoon.
Follow these steps in order. Total setup time: 2-3 hours. Then it runs itself.
Step 1 — Professional email
Go to workspace.google.com → Business Starter plan → Add domain: guardlayer.co.uk → Create hello@guardlayer.co.uk. Add the DNS records to your domain registrar (Namecheap, GoDaddy etc — they have a guide). Takes about 20 minutes.
Google Workspace £5/month
workspace.google.com
Professional email, Google Calendar, Google Meet for calls. Essential — never use a free Gmail for sales outreach as it destroys deliverability.
Email warming — important
New domains get flagged as spam. Use Instantly's built-in email warming for 2 weeks before sending any outreach. It automatically sends and replies to low-volume emails to build your sender reputation.
⚠ Do not skip this step — skipping it will land all your emails in spam.
Step 2 — Booking bot (Cal.com)
Sign up at cal.com → Connect Google Calendar → Create event type "GuardLayer Demo Call" → Set duration 30 minutes → Set available hours (e.g. Tue–Thu, 10am–4pm) → Copy your booking link.
1
Create your event type
Title: "GuardLayer compliance demo" · Duration: 30 minutes · Buffer time: 15 minutes before and after (gives you time to prepare and debrief)
2
Add qualifying questions
Before booking, ask: (1) Platform name and URL, (2) Approximate monthly active users, (3) What's your primary concern — compliance fines, child safety, or both? This qualifies leads before the call so you're never going in blind.
3
Set confirmation and reminder emails
Confirmation email on booking: "Thanks for booking — we'll send your personalised compliance report 24 hours before the call." · Reminder: 24 hours before, 1 hour before. Reduces no-shows significantly.
4
Your permanent booking link
cal.com/guardlayer/demo
Put this link in every email, the landing page footer, your LinkedIn bio, and anywhere else you appear online.
Step 3 — Instantly.ai setup
Sign up at instantly.ai → Connect hello@guardlayer.co.uk → Enable email warming → Create 3 campaigns (High Risk, Medium Risk, Low Risk) → Load templates from the Email Sequences tab → Set triggers.
| Setting | Value |
|---|---|
| Daily sending limit (first 2 weeks) | 20 emails/day — ramp up gradually |
| Daily sending limit (after warm-up) | 50 emails/day maximum |
| Send time window | Tuesday–Thursday, 8am–11am (highest open rates) |
| Time zone | Europe/London |
| Reply detection | ON — stops sequence if lead replies |
| Unsubscribe link | ON — legally required under UK PECR |
| Tracking opens | ON |
| Tracking clicks | ON |
| AI reply agent | ON — responds to positive replies with booking link |
Legal note: Under UK PECR (Privacy and Electronic Communications Regulations), B2B cold email is permitted to business email addresses if you have a legitimate interest — which GuardLayer clearly does given the compliance context. However, you must include an unsubscribe option and honour requests promptly. Never email personal addresses (gmail, hotmail etc) in cold sequences.
Step 4 — Make.com automation
Make.com (make.com) is the glue that connects everything. Create a free account → Build the scenario described in the Automation Map tab → Test with a dummy audit submission.
Automation map
How everything connects.
Three separate Make.com scenarios. Each one handles a different part of the pipeline. Build them in this order.
Scenario 1 — Audit to email
Fires the moment someone completes the audit and provides their email.
Webhook trigger
Audit form submitted
→
Parse data
Email, risk score, platform
→
Route by risk
High / Medium / Low
→
Add to Instantly
Correct campaign
→
Log to Google Sheet
CRM record created
→
WhatsApp alert
You notified instantly
1
Webhook trigger
In Make.com, create a Webhooks module as the trigger. Copy the webhook URL it gives you and paste it into the guardlayer.html audit form's submitEmail() function. Every audit submission will now fire this scenario.
// Add to submitEmail() in guardlayer.html after storing to localStorage:
fetch('YOUR_MAKE_WEBHOOK_URL', {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({
email: email,
platform: aAnswers.platform || 'Unknown',
children: aAnswers.children,
risk: riskLevel, // 'critical', 'warning', or 'ok'
features: aAnswers.features,
date: new Date().toISOString()
})
});
2
Router module — split by risk
Add a Router module. Create 3 routes: Route 1 condition: risk = "critical" → adds to Instantly High Risk campaign. Route 2: risk = "warning" → Medium Risk campaign. Route 3: risk = "ok" → Low Risk campaign.
3
Instantly.ai module
Connect Instantly.ai via API. Map fields: email → lead email, platform name → custom variable {platformName}, risk score → {riskScore}, number of failures → {failureCount}. These variables auto-populate in your email templates.
4
Google Sheets CRM log
Add a Google Sheets module. Create a sheet with columns: Email, Platform, Risk Level, Features, Date Added, Status (defaults to "In sequence"). Every lead is automatically logged. This is your CRM.
5
WhatsApp notification (via Twilio or WhatsApp Business)
For high-risk leads only, add a WhatsApp message to your phone: "🚨 High risk lead: {email} — {platformName} has {failureCount} critical OSA failures. Email sent. Check Instantly."
Scenario 2 — Call booked notification
Fires the moment someone books a demo call via Cal.com.
Cal.com trigger
Booking confirmed
→
Stop Instantly sequence
No more follow-ups
→
Update Google Sheet
Status → "Call booked"
→
Send prep email
Custom report 24hrs before
→
WhatsApp alert
Call time + details
Scenario 3 — Post-call follow up
Fires 30 minutes after a booked call's end time, sending a follow-up email automatically.
Schedule trigger
30min after call end
→
Send follow-up email
Proposal + next steps
→
Update CRM
Status → "Proposal sent"
→
Remind in 3 days
If no reply to proposal
Post-call follow-up email template
Subject: GuardLayer proposal for [Platform name]
Hi [First name],
Great speaking with you today. As discussed, here's a summary of what we covered and next steps.
Your current compliance gaps:
[Gap 1]
[Gap 2]
What GuardLayer provides:
— GuardLayer Detect: real-time text and voice monitoring
— GuardLayer Comply: automated risk assessments and Ofcom documentation
— GuardLayer Report: evidence vault and NCA referral tool
Recommended plan: [Starter / Growth / Enterprise] at [£299 / £999 / Custom]/month
Integration timeline: typically 48 hours from contract signing.
To get started, simply reply to this email and I'll send the agreement over.
James
GuardLayer
hello@guardlayer.co.uk | guardlayer.co.uk