Why Telegram and not WhatsApp or Slack
The choice of messaging platform for an AI assistant is not a matter of aesthetic preference. It is a technical and economic decision with consequences for years. The Telegram Bot API has been mature since 2015, and in 2026 it supports bots, channels, groups, payments, inline queries, attachments up to 2 GB, voice messages, video messages, and location sharing. The WhatsApp Business platform is younger, more restrictive, and paid per message (0.005-0.04 dollars per message depending on country tier). Slack is focused on internal communication within enterprise teams and is less natural for client-assistant communication.
The Telegram Bot API is free with no message limits; the rate limit is 30 messages per second per bot (more than enough for an SMB). You can send files up to 2 GB each (invoices, screenshots, audio recordings, contracts), while WhatsApp’s limit is 100 MB and requires a specific Business API. Voice and video messages are supported natively, with transcription on the bot side (if you integrate the Whisper API). Inline queries enable quick lookups without changing the conversation.
The second advantage: a unified environment for the user. Maciej keeps business conversations, family ones, channels with industry news, the install crew bot, and the AI assistant all in Telegram. Everything in one app on phone and desktop. WhatsApp and Slack require separate installs, separate notifications, separate mental switching. For SMBs with 1-5 users (owner plus right-hand person) Telegram wins on ergonomics.
Compliance: Telegram FZ-LLC has Dubai jurisdiction with servers distributed worldwide. For integrations with PII (personal data of clients) you need to sign a DPA and assess transfer risk. For SMBs in DACH/PL a DPIA (Data Protection Impact Assessment) is required if the AI assistant processes sensitive data. Realistically: for most B2B use cases (operational automation, not consumer-facing chatbots) Telegram is compliant once appropriate clauses are added. Details in the official Telegram Bot API documentation.
Architecture: bot, agent, integrations
The architecture of a Telegram bot AI assistant has four layers: bot endpoint (communication with Telegram Bot API), agent orchestrator (Claude Agent SDK), integration layer (Gmail, Calendar, CRM via MCP servers), persistent state layer (SQLite or Postgres per user). Each layer does one thing well and can be swapped independently.
Bot endpoint: two implementation options. Long polling (the bot regularly asks Telegram “are there new messages?”) is the simpler implementation: it works behind a firewall, with a latency of 1-3 seconds. Webhook (Telegram pushes messages to your URL when they arrive) gives lower latency (sub-second), but it requires a publicly accessible HTTPS endpoint. For our AI Assistant V0.1 we pick long polling as the default (deploy on a Mac Mini without a reverse proxy) and webhook for a scale of 1000 plus users.
Agent orchestrator: Claude Agent SDK in Python (preferred for the MCP ecosystem and scientific libraries). Each message from the user reaches the agent with context (previous turns in SQLite plus persona in the system prompt plus current integration state), the agent decides which sequence of tools to call, and streams a reply back to the user (first response in 200-500ms, full in 3-8s).
Integration layer: MCP servers for each external integration. Gmail, Google Calendar, ClickUp/Notion/Airtable as CRM, a custom MCP per client for a proprietary system. Communication via a local channel (local MCP servers) or HTTP (cloud MCP servers). Each integration has its own audit log, its own credentials, its own rotation policy.
Persistent state layer: SQLite per client (up to 100 plus users) or Postgres (above). Minimal schema: user id, conversation id, turn number, role (user/assistant/tool), content, timestamp, tokens used. Plus user metadata: tier (admin/operator/readonly), persona override, language, timezone. Plus audit log: each side-effect action (send_email, update_crm) has its own entry with an idempotency key.
Backup and recovery: daily SQLite snapshots to S3-compatible storage (Hetzner Storage Box, Backblaze B2, AWS S3), 30-day retention. A recovery test once a quarter (restore the snapshot to a second instance, check that the bot starts, that conversation history is correct). Without this, a real disaster (corrupted DB file, an accidental SQL DELETE) can mean a week of context lost with clients, which for an AI assistant relying on history is effectively a product write-off.
Four use cases for SMBs
First use case: email triage plus draft replies. Maciej gets 30-50 emails a day, and most need a simple answer (meeting confirmation, thanks for a referral, brief request). The AI assistant reads the new message (via the Gmail MCP), classifies it (urgent/normal/spam), generates a draft reply in Maciej’s tone (using voice extraction, covered in the voice extraction article), and sends it to Telegram for approval. Maciej sees “Draft to Anna K (rebrand quote): [text]” in Telegram and clicks “send” or edits; the bot then sends. The result is a 60-70 percent time reduction on routine email.
Second use case: calendar booking automation. A client writes “when does he have time for a 30-minute call?”. The AI assistant reads Maciej’s Google Calendar, checks preferences (Maciej does not book before 10:00 and after 17:00, Tuesday/Thursday 14-16 blocked for deep work), proposes 3 slots, waits for client confirmation, creates an event with a Zoom link. Maciej gets a notification “Call with Anna K, Wednesday 14:00-14:30, Zoom link: …”. Eliminates 5-10 email exchanges per booking.
Third use case: CRM update through natural language. Maciej writes to the bot “send an offer to Anna from lead 0042”. The bot looks up lead “0042” in the CRM (Notion/Airtable/ClickUp), finds the details (company, contact, scope discussed), generates a proposal from a template, customizes it based on the scope, sends it to Maciej for approval, and after confirm sends it to the client via Gmail plus updates the CRM status to “Quote sent”. Maciej gets a report “Sent to Anna K, status updated”. Eliminates 20-30 minutes per lead on quote production.
Fourth use case: operational alerts from monitoring systems. The bot monitors client hosts (uptime ping), WP servers (Lighthouse score), the sales pipeline (anomaly detection in order volume), error logs. When something deviates from normal, the bot writes to Telegram “ALERT: our studio site response time 3.2s (baseline 0.8s) over the last hour. Last deploy: 2 hours ago, commit abc123. Suggest investigation”. Maciej decides whether it is a false positive or a real incident, the bot helps with diagnosis (logs, recent changes, rollback option).
Fifth use case (bonus for retail/services clients): handling bookings and FAQ from end customers. A separate Telegram bot (a different instance) exposed publicly, where the customer writes “do you have availability for Saturday 15 July”. The bot checks availability in the booking system (MPHB, Reservio, custom), proposes options, waits for confirmation, creates the booking. For a hospitality client owner this pattern is meant to cut 30-40 percent of messenger load on simple availability and pricing questions. Full isolation from the internal assistant (a different bot API token, a different persona, a different permissions tier).
Persona configuration, the soul.md pattern
Without a persona configured, an AI assistant sounds generic and the client instinctively recognizes it as ChatGPT. The ChatGPT default (over-formal, “I’d be happy to help”, a lot of em-dashes, mismatched greeting style) erodes professionalism. The solution: a persona file per client, embedded as part of the system prompt, containing role, brand voice, priorities, and escalation triggers.
Structure of soul.md per client: a “Role” section (who the assistant is: name, persona, vibe), a “Voice” section (how it writes: standard greeting, standard signoff, paragraph length, capitalization style, banned words, preferred terminology), a “Priorities” section (what matters for the client: revenue retention, long-term client relationships, compliance, etc.), and a “Don’t” section (what is off-limits: spamming users, sending without approval, escalating to others without context).
A practical example from our AI Assistant V0.1: the persona for a DACH e-commerce business owner includes “communication style: matter-of-fact, German precision, prefer numbers over adjectives” plus “priority: order accuracy more important than speed” plus “don’t: do not escalate to support unless real urgency”. That, together with brand voice from our DACH marketing rules, gives the agent a concrete style: it writes differently than the agent for a hospitality client owner (warmer, hospitality tone, friend-oriented).
Voice extraction from 30-50 client emails is an add-on at plus 1500 PLN to the AI Assistant V0.1 setup. We anonymize PII, run extraction in Claude Sonnet (a JSON structure with greeting/signoff/banned_words/quirks), validate with the client whether they recognize themselves, and deploy into the system prompt. Voice drift is monitored monthly under the 800 PLN/mo retainer. More in the voice extraction article.
Security plus permissions
A Telegram bot without a user_id allowlist is an attack vector. Anyone on the internet can find the bot’s username (via Telegram search or by guessing from naming conventions) and message it. Without an allowlist the agent treats a stranger as its user, exposes confidential CRM data, and sends emails on Maciej’s behalf. The standard: a hardcoded user_id allowlist in the bot config; the bot rejects every message from a user_id outside the allowlist with a polite “This bot is private”.
Per-user role: admin (full access, can run side-effect actions without approval), operator (needs Maciej’s approval for emails/quotes/CRM updates), readonly (queries only, cannot modify). Implementation: a users table with a role column; each tool checks the role before executing. Maciej can promote/demote via a bot command “/role @username operator”.
Audit log of every side-effect action: who, when, which tool called, with what parameters, what result (success/fail/error). The audit log lives in the database plus a daily CSV export plus 90-day storage (compliance). An example entry: “2026-06-15T14:23:12Z, user_id=42, tool=send_email, params={to: [email protected], subject: Quote}, idempotency_key=abc-123, status=success, message_id=gmail-456”.
PII redaction in transit and storage: every log message with PII (email address, phone number, NIP) is redacted before write (regex replace plus structured patterns). Only an anonymous ID lands in the log; the ID-to-PII mapping lives in a separate encrypted table with a 30-day TTL. For DACH compliance plus Polish clients in regulated sectors (medical, financial) this detail is often a requirement, not an option.
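
An added example (not code from AI Assistant V0.1) of the audit write described in the two paragraphs above: PII in the tool parameters is replaced with stable anonymous IDs before the row is stored, and a UNIQUE idempotency key makes a retried side-effect action detectable. The regex patterns, the key handling, and the in-memory `mapping` dict standing in for the encrypted ID-to-PII table are assumptions for illustration.

```python
import hashlib
import hmac
import json
import re
import sqlite3

PSEUDONYM_KEY = b"constructed-demo-key"  # assumption: comes from a secret store in practice
PII_PATTERNS = {  # illustrative patterns only; real coverage needs more formats
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "phone": re.compile(r"\+\d{2}[ -]?\d{3}[ -]?\d{3}[ -]?\d{3}\b"),
    "nip": re.compile(r"\b\d{3}-\d{3}-\d{2}-\d{2}\b|\b\d{10}\b"),
}


def redact(text, mapping):
    """Replace PII with stable anonymous IDs; mapping stands in for the encrypted table."""
    def swap(kind):
        def repl(m):
            digest = hmac.new(PSEUDONYM_KEY, m.group().encode(), hashlib.sha256)
            anon = f"<{kind}:{digest.hexdigest()[:12]}>"
            mapping[anon] = m.group()
            return anon
        return repl
    for kind, pattern in PII_PATTERNS.items():
        text = pattern.sub(swap(kind), text)
    return text


def open_audit_db(path=":memory:"):
    conn = sqlite3.connect(path)
    conn.execute("""CREATE TABLE IF NOT EXISTS audit (
        ts TEXT DEFAULT CURRENT_TIMESTAMP, user_id INTEGER, tool TEXT,
        params TEXT, idempotency_key TEXT UNIQUE, status TEXT)""")
    return conn


def record_action(conn, mapping, user_id, tool, params, key):
    """Write the audit row first; False means the key was already used, so skip the call."""
    row = (user_id, tool, redact(json.dumps(params), mapping), key, "pending")
    try:
        with conn:  # commits on success, rolls back on error
            conn.execute("INSERT INTO audit (user_id, tool, params, idempotency_key,"
                         " status) VALUES (?, ?, ?, ?, ?)", row)
        return True
    except sqlite3.IntegrityError:
        return False
```

Because the anonymous ID is an HMAC of the value, the same address always maps to the same ID, so audit rows stay correlatable without storing the address itself.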
MFA via Telegram Login: for sensitive actions (approving a transfer, signing a contract, changing key CRM settings) the bot requires a second factor. The Telegram Login Widget integrates natively: the user clicks a link, Telegram confirms identity through the app, the bot receives a signed payload with user_id plus timestamp. No SMS, no dedicated 2FA app, no extra cost. For SMBs below 50 users this pattern is sufficient for compliance and more ergonomic than classic TOTP.
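
An added example (not code from AI Assistant V0.1) of how the bot backend can check the signed Login Widget payload before accepting it as a second factor: the hash is recomputed as HMAC-SHA256 over the sorted fields with SHA256(bot token) as the key, then `auth_date` freshness and the expected user id are checked. The 5-minute validity window and the function names are assumptions.

```python
import hashlib
import hmac
import time

MAX_AGE_SECONDS = 300  # assumption: a login confirmation is valid for 5 minutes


def sign_login(fields, bot_token):
    """Compute the hash Telegram attaches to Login Widget data."""
    # data-check-string: every field except "hash", sorted by key, one "key=value" per line
    check = "\n".join(f"{k}={fields[k]}" for k in sorted(fields) if k != "hash")
    secret = hashlib.sha256(bot_token.encode()).digest()
    return hmac.new(secret, check.encode(), hashlib.sha256).hexdigest()


def verify_login(fields, bot_token, expected_user_id, now=None):
    """Return True only for a fresh, correctly signed payload for expected_user_id."""
    now = time.time() if now is None else now
    received = str(fields.get("hash", ""))
    expected = sign_login(fields, bot_token)
    # constant-time comparison, so response timing does not reveal the correct hash
    if not hmac.compare_digest(expected.encode(), received.encode()):
        return False  # forged or modified payload
    if not 0 <= now - int(fields.get("auth_date", 0)) <= MAX_AGE_SECONDS:
        return False  # old confirmation being replayed
    # the confirmation must come from the account that requested the sensitive action
    return str(fields.get("id")) == str(expected_user_id)
```

Without the `auth_date` check, a payload captured once stays valid indefinitely, because the signature itself never expires.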
Rate limiting per user: even on the allowlist it pays to have limits (for example 30 messages per minute per user_id, 500 per hour). Without them a single mistake in a client-side script or a compromised account can generate a flood of calls that both exhaust Claude API credit and trigger Telegram rate limits. Our default is a soft limit with a polite “Too many messages in a short time, give me a moment” and logging to audit.
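
An added example (not code from AI Assistant V0.1) combining the allowlist, the per-user role check, and the per-user rate limit from this section into one gate that runs before any agent or tool code. The user ids, the decision labels, and the deny and approval reply texts are constructed for illustration; the limits are the 30 per minute and 500 per hour given above.

```python
import time
from collections import defaultdict, deque

# Constructed sample data: numeric Telegram user ids mapped to the page's roles.
ALLOWLIST = {42: "admin", 77: "operator", 91: "readonly"}
SIDE_EFFECT_TOOLS = {"send_email", "update_crm"}  # side-effect tools named on the page
LIMITS = ((60, 30), (3600, 500))  # (window in seconds, max messages) per user_id

_history = defaultdict(deque)  # user_id -> timestamps of accepted messages


def rate_limited(user_id, now):
    """Sliding-window check; accepted messages are recorded, throttled ones are not."""
    q = _history[user_id]
    while q and now - q[0] >= 3600:  # drop entries older than the longest window
        q.popleft()
    for window, cap in LIMITS:
        if sum(1 for t in q if now - t < window) >= cap:
            return True
    q.append(now)
    return False


def authorize(user_id, tool, now=None):
    """Decide what to do with one request; user_id is message.from.id, never a username."""
    now = time.time() if now is None else now
    role = ALLOWLIST.get(user_id)
    if role is None:  # stranger: reject before any agent or tool code runs
        return "reject", "This bot is private"
    if rate_limited(user_id, now):
        return "throttle", "Too many messages in a short time, give me a moment"
    if tool in SIDE_EFFECT_TOOLS:
        if role == "readonly":
            return "deny", "Your role cannot modify data"
        if role == "operator":
            return "needs_approval", "Draft prepared, waiting for approval"
    return "allow", ""
```

Keying the allowlist on the numeric id matters because a Telegram username can be changed or released, while the id stays bound to the account.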
Deploy: Mac Mini self-host versus cloud
Two deployment paths. Mac Mini M4 self-host: a one-time 800 dollars plus electricity 5-10 dollars/mo, no monthly fees, full physical control over the hardware. A pattern for SMBs with 1-3 clients: a Mac Mini in the office, Tailscale for remote access, each client bot on a separate launchd plist. We use this pattern for internal ClaudeClaw v2 bots (an internal system at Hanse Studio) and it is a candidate for the first 2-3 paying clients of AI Assistant V0.1.
Cloud deploy: a Hetzner CPX21 VPS (12 euros/mo) or DigitalOcean Droplet (12 dollars/mo), Docker compose with bot plus Postgres plus reverse proxy, Cloudflare in front for DDoS protection. A pattern for SMBs with 5 plus clients or clients demanding 99.9 percent uptime. Automatic backups to S3, monitoring via UptimeRobot or Datadog, alerts to Telegram.
The third option: hybrid. Bot endpoint and orchestrator in the cloud (publicly accessible, low latency), MCP servers with sensitive data (custom CRM, accounting system) on the client’s premises through VPN or Tailscale. Communication encrypted, data never leaves the client’s infrastructure, but scaling and availability are cloud-grade. We recommend this pattern for compliance-heavy clients (medical, financial), where cloud-only is simply ruled out by company policy.
Per-client choice: Mac Mini when the client is OK with hosting in another city (Szczecin) and 99 percent uptime is enough, cloud when the client requires a formal SLA or the compliance officer’s approval for cloud-only. Policy: the first client is always cloud (Hetzner, 12 euros/mo included in the 3000 PLN setup), Mac Mini is an option from client 4 onwards (economies of scale).
AI Assistant V0.1 pricing
The standard AI Assistant V0.1 package: setup 3000 PLN one-time (build, persona configuration, integrations with Gmail/Calendar/basic CRM, deployment, a 2-week onboarding) plus a retainer of 800 PLN/mo (hosting, monitoring, monthly improvements, 2h of ad-hoc tweaks per month). The package opens for the first client from June 2026; there are currently 2 prospective paying clients (a DACH e-commerce business owner, a hospitality client owner).
Voice extraction add-on: plus 1500 PLN one-time (analysis of 30-50 emails, voice profile JSON, validation with the client, deployment). Monthly drift check under the 800 PLN/mo retainer. For clients with a strong personal brand (B2B firm owners) the value materializes fast.
Enterprise tier (4 plus clients in): 1500 PLN/mo retainer, including 5h of ad-hoc tweaks per month, priority support with a 24h response, dedicated MCP servers per client, on-prem deploy option. Targets clients in compliance-heavy industries (medical, financial, law firms). We run discovery through the AI audit at 1500 PLN before implementation kicks off. The contact form is the place to discuss pricing.
FAQ
Why not WhatsApp instead of Telegram?
The WhatsApp Business platform is paid per message (0.005-0.04 dollars), requires Business API approval (1-2 weeks for new integrations), and imposes template messages plus conversation-window restrictions (the client must write first within a 24h window). Telegram is free, with no approval process and no template restrictions. For an internal operational assistant (Maciej as the user) Telegram wins. For a customer-facing chatbot (the client writes) WhatsApp makes sense if the client already uses WhatsApp, but TCO is higher.
What if the AI gives a wrong answer to a client?
The pattern: every action with an external side effect (sending an email, a proposal to the client, a CRM update visible to the client) requires explicit Maciej approval via a Telegram inline button “Approve / Edit / Reject”. Without approval the bot generates a draft and waits. Approval is recorded in the audit log (who, when, which version approved). For low-risk actions (internal note, classification, a query) approval is optional.
Will an AI assistant replace my human assistant?
Augment, not replace. AI reduces the volume of routine tasks by 40-60 percent (email triage, calendar booking, CRM update, status check). The human assistant still handles phone calls, complex negotiations, judgment-heavy decisions, building relationships with clients. For an SMB with one assistant, AI lets that assistant handle 50-100 percent more clients. For an SMB without an assistant, AI replaces 30-50 percent of the load that would otherwise fall on Maciej.
GDPR compliance, how does it look?
A DPA with Anthropic (model provider) plus a DPA with Telegram FZ-LLC (platform) plus a DPIA for the setup (if you process sensitive data). 90-day retention on the audit log of every action. Right to be forgotten: the user (Maciej’s client) can request deletion of conversations plus an audit log extract, we implement the request within 30 days. PII redaction in transit plus storage. Encrypted backup with key rotation. For clients in regulated industries we additionally propose on-prem MCP servers.
