Frame 1
COMPLIANCE & TRUST

Deliberation technology needs trust at the core

Safety in dialogue is non-negotiable. That’s why dembrane is built for trust from the ground up.

ISO 27001 certified · GDPR compliant · EU hosted · Source available

ISO 27001 certified · GDPR compliant · EU hosted · Source available

How dembrane processes your data

Step 1

Participants record the audio of their conversations. No personal data need to be collected before recording to start.

Participants record the audio of their conversations. No personal data need to be collected before recording to start.

Step 2

The audio recording is transcribed into text. We use a double model approach to ensure transcription accuracy.

The audio recording is transcribed into text. We use a double model approach to ensure transcription accuracy.

Step 3

Conversation hosts can perform analysis on the audio and the transcripts using the dembrane dashboard.

Conversation hosts can perform analysis on the audio and the transcripts using the dembrane dashboard.

Audio recording
Language models*
Data Pipelines
Processed Insights

Audio data is deleted 30 days after the project finishes. Data can be deleted immediately upon request. Only what participants share voluntarily during the conversation is recorded. The host is the data controller.

Audio data is deleted 30 days after the project finishes. Data can be deleted immediately upon request. Only what participants share voluntarily during the conversation is recorded. The host is the data controller.

*Our Language Model Providers & sub-processors are Google Cloud Vertex AI. We have strict data protection agreements with all subprocessors. All data processing happens on Northwest EU servers.

*Our Language Model Providers & sub-processors are Google Cloud Vertex AI. We have strict data protection agreements with all subprocessors. All data processing happens on Northwest EU servers.

All data is stored and encrypted at rest on Northwest European servers. Our current data storage provider is DigitalOcean.

All data is stored and encrypted at rest on Northwest European servers. Our current data storage provider is DigitalOcean.

What kinds of data are used for what and why?

dembrane is built with data minimization in mind. Only four categories of data are processed to deliver value, and you stay in full control.
Category
Description
Purpose
Retention
Legal Basis (Controller’s choice)*
🎙️ Audio recording

Sensitive personal data

Sensitive personal data

All audio recorded with dembrane (voluntarily shared).

All audio recorded with dembrane (voluntarily shared).

To transcribe contributions. Kept for retranscription and fact-checking.

To transcribe contributions. Kept for retranscription and fact-checking.

Project duration + 30 days. Can be deleted anytime by admin.

Project duration + 30 days. Can be deleted anytime by admin.

Your chosen legal basis (Art. 6(1) GDPR)

Your chosen legal basis (Art. 6(1) GDPR)

📝 Transcription text

Personal data (content-dependent)

Personal data (content-dependent)

Transcribed conversations from recorded audio.

Transcribed conversations from recorded audio.

To perform analysis and provide evidence for the analysis.

To perform analysis and provide evidence for the analysis.

Project duration + 30 days. Can be deleted anytime by admin.

Project duration + 30 days. Can be deleted anytime by admin.

Your chosen legal basis (Art. 6(1) GDPR)

Your chosen legal basis (Art. 6(1) GDPR)

🔍 Analysis data

Personal data (content-dependent)

Personal data (content-dependent)

Generated by dembrane and users from transcription data via chat and other features.

Generated by dembrane and users from transcription data via chat and other features.

To understand diverse stakeholder perspectives shared during sessions.

To understand diverse stakeholder perspectives shared during sessions.

Project duration + 30 days. Can be deleted upon request.

Project duration + 30 days. Can be deleted upon request.

Your chosen legal basis (Art. 6(1) GDPR)

Your chosen legal basis (Art. 6(1) GDPR)

👤 Account data

Personal data

Personal data

User email and encrypted password to create and identify user accounts.

User email and encrypted password to create and identify user accounts.

To maintain accounts for dashboard access and deliver services.

To maintain accounts for dashboard access and deliver services.

As long as account exists. Can be deleted upon request.

As long as account exists. Can be deleted upon request.

Contract; Art. 6(1)(b) GDPR

Contract; Art. 6(1)(b) GDPR

*dembrane acts as the processor (Art. 28 GDPR). The applicable legal basis is determined by you as controller.

You’re not alone

We’re trusted by leading organisations across public and private sectors

Still here? Let's work together

Sameer Pashikanti | privacy@dembrane.com

Still here? Let's work together

Sameer Pashikanti | privacy@dembrane.com

Still here? Let's work together

Sameer Pashikanti | privacy@dembrane.com
The stakeholder engagement platform built for the real world. Together, we make sense.

dembrane B.V. · KVK 89391438 · Sint Janssingel 88, 5211DA

Support: +31 63 5625 30 · support@dembrane.com

The stakeholder engagement platform built for the real world. Together, we make sense.

dembrane B.V. · KVK 89391438 · Sint Janssingel 88, 5211DA

Support: +31 63 5625 30 · support@dembrane.com

The stakeholder engagement platform built for the real world. Together, we make sense.

dembrane B.V. · KVK 89391438 · Sint Janssingel 88, 5211DA

Support: +31 63 5625 30 · support@dembrane.com

The stakeholder engagement platform built for the real world. Together, we make sense.

dembrane B.V. · KVK 89391438 · Sint Janssingel 88, 5211DA

Support: +31 63 5625 30 · support@dembrane.com