Confidere
Legal

Privacy Policy

How Confidere handles personal data — written plainly, because the firms we serve are trusted with their clients' most sensitive relationships, and they expect the same of us.

Last updated: 24 June 2026 · Applies to confidere.app and the Confidere apps
The short version. Confidere is EU-hosted. We don't run ads, we don't track you across other apps, and we never use your client data to train models. Your voice notes are processed only to produce your transcripts, insights and briefs. You can view, export or delete your data at any time.
Contents
  1. Who we are
  2. Data we collect
  3. How we use it
  4. Legal bases
  5. Our promises
  6. Voice, transcripts & AI
  7. Sharing & sub-processors
  8. Residency & transfers
  9. Retention
  10. Security
  11. Your rights
  12. Cookies
  13. Changes & contact

1. Who we are

Confidere is a client-memory service for client-facing teams, operated by [Legal entity name] ("Confidere", "we", "us"), registered at [registered address]. For personal data you provide as an individual user, Confidere is the controller. Where your employer provides Confidere to you under a firm or team plan, your employer is generally the controller and Confidere acts as a processor on their behalf — see our Data Processing Agreement. Questions: [email protected].

2. Data we collect

  • Account data — your name, work email, organisation, role, and authentication details.
  • Voice notes & transcripts — the audio you record after a meeting and the transcript produced from it.
  • Insights & briefs — the structured notes, account memory and prep briefs derived from what you capture, including contributor attribution and the permission tier you choose.
  • Usage & device data — limited, security-relevant telemetry such as app version, device type, log and diagnostic data.
  • Billing data — for paid plans, billing contact and subscription details (card data is handled by our payment processor, not stored by us).

3. How we use it

We use personal data only to deliver and improve the service you asked for: to transcribe your voice notes, structure them into insights, assemble cited briefs, share attributed memory with the account team according to your permission tiers, secure the service, provide support, and handle billing. We do not use it to build advertising profiles.

4. Legal bases (GDPR Art. 6)

  • Contract — to provide the service to you or your firm.
  • Legitimate interests — to keep the service secure, prevent abuse, and improve reliability, balanced against your rights.
  • Consent — where required (e.g. certain optional features); you can withdraw it at any time.
  • Legal obligation — to meet our compliance and record-keeping duties.

5. Our promises

  • No ads. We do not sell your data or use it for advertising.
  • No cross-app tracking. We don't follow you around the internet.
  • No training on your client data. Your voice notes, transcripts, insights and briefs are never used to train our or third parties' models.

6. Voice notes, transcripts & AI processing

Your audio is processed to produce a transcript and to structure it into insights; briefs are generated from the memory you and your team have captured. Confidere is grounded-or-silent: every brief line is traceable to a source, and AI-generated output is marked and cited, in line with the EU AI Act (Art. 50). Processing takes place within the EU (see §8). You can edit or delete the underlying notes, and the briefs change accordingly.

7. Sharing & sub-processors

We don't sell personal data. We share it only with vetted sub-processors who help us run the service under contract and on our instructions — for example cloud hosting and infrastructure (Google Cloud, region europe-west4), and speech/AI processing performed within the EU. A current list of sub-processors is available on request at [email protected], and firm customers receive advance notice of changes under the DPA. We may also disclose data where legally required, having assessed each request.

8. Data residency & international transfers

Confidere is EU-hosted by default: personal data is processed and stored in the European Union (Google Cloud, europe-west4). We design to keep data EU-resident and avoid transfers outside the EEA. Where a transfer is ever necessary, we rely on an appropriate safeguard such as the European Commission's Standard Contractual Clauses. Regulated firms can additionally choose customer-held encryption keys, EU-partner-operated controls, or a fully air-gapped, on-prem deployment — see Sovereignty.

9. Retention

We keep personal data for as long as your account is active and as needed to provide the service, then delete or anonymise it within a reasonable period, unless a longer period is required by law. You can delete individual notes, or your whole account, from inside the app at any time; firm-plan retention is configured by your organisation.

10. Security

We protect your data with encryption in transit and at rest, access controls and least-privilege, audit logging, and ongoing security testing. Our technical and organisational measures are described in Annex II of our DPA. No system is perfectly secure, but security is central to how Confidere is built.

11. Your rights

Subject to applicable law, you can request access, rectification, erasure, restriction, portability, and object to certain processing, and withdraw consent where we rely on it. Use the controls in the app, or contact [email protected]. If your firm is the controller, we'll route your request to them. You also have the right to lodge a complaint with your local data-protection authority.

12. Cookies

We use only the cookies and similar technologies needed to keep you signed in and to keep the service secure and reliable. We do not use advertising or cross-site tracking cookies.

13. Changes & contact

We'll update this policy as the service evolves and revise the date above; material changes will be notified in-app or by email. Questions or requests: [email protected]. Our Data Protection Officer can be reached at [email protected].

Read the DPA → Terms of Service →