You want money going to the cause, not to a fragile IT estate. Donor data safe. Volunteers and staff able to actually do the work. Trustees getting honest answers when they ask about cyber risk. And the regulator getting answers in writing without a scramble. That's the job we take on.
Inology IT supports charities, hospices, housing associations and accredited museums across Greater Manchester and the wider North-West with managed IT shaped around the charity reality — stretched budgets, mixed estates, multiple regulators (Charity Commission, CQC, Regulator of Social Housing, ICO), volunteers as well as staff, and card payments at the till for visitor-facing trusts. We take clients through Cyber Essentials certification, keep PCI-DSS evidence tidy where retail and admissions are in scope, maximise Charity Digital tariffs and Microsoft 365 non-profit licensing, automate volunteer onboarding and offboarding, keep donor and visitor data tidy, and prepare trustee-ready cyber answers ahead of grant and supplier reviews. We tell you honestly which bits Charity Digital already covers, so you only pay us for what you actually need.
The risk profile is different — donor trust, beneficiary data, safeguarding, regulator scrutiny — and the budget is real. Most MSPs sell you the SME contract anyway. We size IT to the cause, maximise Charity Digital tariffs first, and only charge you for what genuinely needs paid support.
Volunteers come and go faster than staff. Most charities we audit have leaver accounts active months — sometimes years — after the volunteer left. ICO takes a dim view. We automate the lifecycle: provisioned in minutes with role-correct access, closed the same day they leave, audit log kept.
Fundraising spreadsheets emailed between team members, donor lists exported and forgotten, a CRM nobody quite trusts. One misdirected email and you're explaining yourself to the ICO and your trustees. We tidy donor data into M365 with sensitivity labels, retention policies, and a clean export-to-fundraiser process.
Charity Commission, CQC for hospices, Regulator of Social Housing for housing associations, ICO for everyone, DSPT where you're NHS-funded. We keep the IT-side evidence ready for each — not perfectly, we're not auditors — but ready when the regulator asks.
Not-for-profits aren't small businesses with a charity number. The risk profile is different — donor trust, beneficiary data, safeguarding obligations, regulator scrutiny — and the budget reality is real. We support charities, hospices, housing associations and accredited museums across Greater Manchester and the wider North-West. We know what the Charity Commission expects on financial controls and data, what CQC adds for hospices, what the Regulator of Social Housing expects on tenant data, what PCI-DSS asks of your till environment when you take card payments at admissions or retail, and what Charity Digital tariffs and Microsoft 365 non-profit licensing do for your unit costs.
We're not a free service, but we'll tell you honestly which bits you can self-serve, which bits Charity Digital covers, and which bits you genuinely need us for. We're not auditors and we don't pretend to be — but we know which IT-side evidence each standard expects, and we keep it ready.
A 30-minute call, on the phone or video. Cause, sites, headcount split (paid vs volunteer), regulators in scope, the systems you actually use. We listen first.
Donor data flow, volunteer access, safeguarding system integration, M365 non-profit licensing, leaver process, breach playbook. You get a written read pitched at trustees, not just techies.
Charity Digital tariffs maximised, M365 non-profit licensing right-sized, volunteer onboarding/offboarding automated, donor data tidy, trustee cyber summary kept live. One number to ring, somebody who understands the sector.
Helpdesk, device care, monthly reporting, sized for paid staff and volunteers. The baseline that everything sits on.
Charity-tariff licensing right-sized. Volunteer lifecycle automated. Donor data with sensitivity labels and retention.
Certification path with charity-specific remediation pack. Increasingly required by larger funders and corporate partners.
Donor records, beneficiary data and finance backed up to immutable storage. Restore-tested quarterly, audit-ready.
We're not auditors and we don't pretend to be — but we know which IT-side evidence each of these regulators expects, and we keep it ready.
Catalyst (registered charity 518850) runs an accredited science museum, gift shop, café and education programme on the Mersey at Widnes. Small paid team, broad volunteer base, real card payments at admissions and retail, and a board of trustees that asks proper cyber questions.
We took them through Cyber Essentials certification, kept the till environment PCI-DSS aligned (segmented network, MFA on the back-office, evidence tidy for the acquirer), and right-sized Microsoft 365 onto non-profit licensing across staff and volunteers. Trustee cyber summary refreshed quarterly, ready for grants and Heritage Fund reporting.
Full case study write-up — coming soon.
Yes — that's the starting point. Charity Digital tariffs cover heavily-discounted Microsoft 365 non-profit licensing, certain donated software, and free training resources. We'll go through what you already qualify for, what you should claim, and where you genuinely need a paid managed-service relationship. We'd rather quote less and be useful than oversize what you actually need.
Yes — and that's increasingly what trustees ask for. We produce a one-page cyber posture summary suitable for board meetings: what's in place, what's at risk, what we'd do next, costed. Pitched at trustees, not just techies. Updated quarterly, ready ahead of grant applications and supplier reviews.
We automate the lifecycle. New volunteer joins — a single form creates the M365 account with the right access for their role only, MFA enrolled, training assigned. Volunteer leaves — the same form closes the account the same day. No more dormant accounts active months after someone left. Audit log kept for charity-data-protection evidence.
Yes. We support charities with multiple shops, hospice in-patient and community sites, and housing associations across multiple estates. We build a hub-and-spoke identity model in Microsoft 365 — single tenant, site-aware access, conditional access policies that work over patchy site Wi-Fi. We've done it for clients between 30 and 300 staff plus volunteers.
Common safeguarding platforms (CPOMS, MyConcern, Safeguard My School where adapted for charity use) sit alongside M365. We make sure SSO is in place where supported, that access is properly restricted to safeguarding leads, and that the audit trail survives leavers. We're not the safeguarding-software vendor — but we make the IT around it dependable.
DSPT for hospices and any charity providing NHS-funded services — we've helped several through the annual submission. CQC's data-security expectations for hospice and care charities — we keep the IT-side evidence ready. Regulator of Social Housing data expectations for housing associations — tenant data handling, breach reporting, supplier risk. We're not auditors, but we know what each regulator's IT-side evidence looks like.
Cyber Essentials is increasingly required by larger funders and corporate partners. We've taken charities and hospices through certification. Typical timeline 6–10 weeks from engagement to certificate — sometimes longer where there's donated kit running unsupported Windows that needs replacing first. We have a charity-specific remediation pack.
Three ways. One — Microsoft 365 non-profit licensing right-sized, not over-bought. Two — Charity Digital tariff maximised before we charge for anything. Three — managed service scoped to what you actually need, not a generic SME contract. Most charities we onboard see Microsoft licensing costs go down within the first quarter.
Charities, hospices and housing associations we support across Manchester, Stockport, Trafford, Tameside and Oldham. If your team's outside Greater Manchester, we still might be a fit — see our IT support coverage across Greater Manchester.
Money goes to the cause. Donors trust you with their data. Trustees get clean answers. Volunteers come and go without leaving open accounts behind. The regulator's questions land in an inbox where the answer's already written.
Talk to Brett or Simon. 30 minutes, on the phone or video. No deck, no decision pressure — we'll tell you honestly whether we can help.