Guide · How-to

WhatsApp compliance, done properly.

Personal WhatsApp, the Business app, and the Business API are three different things. Here is how UK firms use the API for compliance reporting without a Meta account.

Try the demo See pricing

Free forever: 20 reports a month. No card, no trial clock.

Three products

Not the same WhatsApp

Personal

Consumer app

Built for friends and family. No API, no audit trail, no way to extract structured data.

Business app

Sole traders

Free app with a business profile and quick replies, but single phone, single number, no API.

Business API

Organisations

Programmatic interface for structured, scalable messaging, accessed through an approved provider.

Why not personal numbers

Data ownership and GDPR

A conversation on an engineer's personal number is legally held by the engineer. If they leave, the records leave too. Data scattered across personal devices is not under the firm's control, which creates GDPR exposure and audit gaps for records that span years.

How Quickler sets it up

Live in under a week

  1. 1

    We run the API

    Quickler manages the WhatsApp Business API account on the firm's behalf. No Meta account needed from you.

  2. 2

    Engineers just chat

    They receive a normal WhatsApp from a business number, reply, and send photos or voice notes. The infrastructure is invisible.

  3. 3

    Data stays in the EU

    Structured report data is stored on Hetzner servers in Germany, covered by a DPA, exportable to PDF and CSV.

Get started

Run compliance over WhatsApp

Quickler manages the API account. Engineers use normal WhatsApp. Records stored in the EU. Setup in under a week.

See how it works See pricing

There are three WhatsApps, and most people have only ever used one. That gap is where UK firms get compliance reporting wrong. Get the difference right and you can run inspections over WhatsApp without ever touching a Meta account.

The short version

  • Personal WhatsApp and the WhatsApp Business app are not built for whatsapp business compliance uk at scale. No API, no audit trail, no structured data.
  • The whatsapp business api uk is a programmatic interface, accessed through an approved Business Solution Provider, not a consumer app.
  • A personal number used for compliance records creates data ownership and GDPR exposure the moment an engineer leaves.
  • Engineers see a normal chat. The API infrastructure behind whatsapp inspection reports stays invisible.
  • Structured data lives with your software provider, not WhatsApp. With Quickler that means Hetzner servers in Germany, under a DPA, exportable to PDF and CSV.
  • Setup runs in under a week, with no Meta Business account needed from the firm.

The three products

Same logo, three different tools

Three distinct WhatsApp products carry the same icon. The differences decide whether the platform can carry whatsapp field compliance.

Personal WhatsApp is the consumer app, built for friends and family. Strong end-to-end encryption, deliberately minimal data portability. History lives on the device. Backups are optional and land in someone's personal Google Drive or iCloud. No business-grade audit trail, no API, no way to extract structured data.

The WhatsApp Business app is a free tool for small firms. It adds a business profile, catalogue, quick replies, and basic automated messages. But it still runs from a single phone on one number. No multi-user, no API, no high-volume workflows. It suits a sole trader who wants a business name on the chat. It does not suit a firm running inspections across many engineers.

The serious one

What the Business API actually is

The WhatsApp Business API is a programmatic interface for organisations that need to send and receive messages at scale, with structured data, through software systems. It is not a consumer app and you will not find it in an app store.

It is accessed through Meta-approved Business Solution Providers: software companies that have completed Meta's verification process and run the API infrastructure on their clients' behalf. The API handles automated messaging, sending prompts, questions, and structured forms, and processing what comes back. That is the engine behind any real compliance workflow. The system asks a series of questions, the engineer answers, and the answers populate a structured report without anyone leaving WhatsApp. This is what makes whatsapp business api field workers viable rather than a novelty.

Why not personal numbers

The data walks out with the engineer

The appeal of a personal number is obvious. The app is already there, everyone knows it, no setup. The problem is ownership.

A conversation between a field engineer and a client on the engineer's personal number is, legally, held by the engineer. If they leave, the conversation history leaves too. The firm has no copy. The inspection completed last Tuesday, the photo of the defect, the voice note describing the finding, all of it gone.

That is a GDPR problem as much as a compliance one. Personal data collected in a business context must sit under the controller's control. Data scattered across employees' personal phones is not. A subject access request for records on a former employee's device creates legal exposure most firms would rather avoid.

There is a continuity problem too. A client number is only as stable as the employee holding it. Compliance records rarely live for a week: annual EICR records, gas safety history, ongoing inspection programmes span years. Lose the thread and you create gaps that are hard to explain under audit. The API closes that gap. It works through a registered business number, separate from any employee's personal phone, linked to the organisation rather than the individual. The number stays with the firm. The history stays with the firm.

Setup

What it takes, and who does it

Setting up a WhatsApp Business API integration requires a Meta Business account for the provider, a dedicated phone number not previously tied to a consumer WhatsApp account, message templates approved by Meta, and the number connected to the platform running the workflow.

Most firms do not set this up themselves. It needs technical work, Meta verification, and ongoing maintenance. The practical route is a Business Solution Provider that has already cleared Meta's process.

Quickler manages the WhatsApp Business API account on the firm's behalf. Engineers are added to the system and start receiving WhatsApp messages from a business number within days. No Meta Business account from the firm. No technical setup by the client. The workflow is ready to use in under a week.

GDPR and data residency

Where the data actually lives

Message content sent through the WhatsApp Business API passes through Meta's infrastructure. Meta is a US company, so that content is processed in the US under Meta's terms. Under UK GDPR that is a data transfer question, one Meta addresses through Standard Contractual Clauses in its Data Processing Agreement for API users.

The structured data extracted from conversations, the report fields, photos, timestamps, and inspection results, is stored by the software provider, not by WhatsApp. Where it sits is your choice, through your choice of provider.

Quickler stores all structured report data on Hetzner servers in Germany. EU hosting satisfies both UK GDPR and EU GDPR. The data does not sit in WhatsApp, which has no business-grade retention or export. It sits in Quickler's database, covered by a DPA, accessible to the firm, exportable to PDF and CSV on demand. For the wider picture, see our GDPR for field reports guide.

On the ground

What the engineer sees: nothing technical

For the engineer, none of the above is visible. They get a WhatsApp from a business number. It asks a question: "What is the property address?" or "Send a photo of the consumer unit." They reply. Prefer to talk? They send a voice note and it is transcribed automatically.

The conversation guides them through the required fields for the job type. Reach the end and the inspection is complete. The office sees the result in the dashboard. A PDF is ready. The engineer never had to know a thing about APIs, Meta Business accounts, or data hosting.

That invisibility is the whole point. Technology should remove friction, not add it. An engineer forced to understand WhatsApp infrastructure to file a report will not file reports. See it working in our UK field compliance reporting guide and digital signatures for field reports.

Questions, answered

What is the difference between WhatsApp, WhatsApp Business app, and WhatsApp Business API?

Personal WhatsApp is for individual use. The WhatsApp Business app is a free app for small businesses: it adds a business profile and basic automation but still runs from a single phone with no API. The WhatsApp Business API is a programmatic interface for organisations that need structured, scalable messaging, accessed through an approved Business Solution Provider, not a consumer app.

Can a business use a personal WhatsApp number for compliance reporting?

It creates problems with data ownership and GDPR. If the engineer leaves, the number and conversation history leave with them. Records in a personal account are not under the firm's control. For compliance records that must be retrieved or audited, a dedicated business number managed through the API is the right approach.

Do engineers need a Meta Business account to use Quickler?

No. Quickler manages the WhatsApp Business API account on the firm's behalf. Engineers get a normal WhatsApp chat from a business number. No Meta account, no Facebook account, no setup beyond receiving the first message. It looks and works exactly like any other WhatsApp conversation.

Where is WhatsApp conversation data stored when using the API?

Message content passes through Meta's infrastructure. The structured data extracted from conversations, inspection records, report fields, photos, is stored by the software provider. Quickler stores it on Hetzner servers in Germany (EU), covered by a Data Processing Agreement. It is not stored in WhatsApp, which provides no business-grade retention or export. See how it works.

Keep reading

Related guides