Privacy Policy

We collect the following categories of personal information:

• Account information — facilitator email address, account identifier, and authentication metadata used to sign in and manage workshops.
• Workshop content — live transcripts of what is spoken in the room while a session is active, including utterances attributed to participants and to the AI participant.
• Derived content — interim notes and the structured nine-section synthesis the service generates from the transcript.
• Consent records — confirmation that the consent notice was read aloud, that no participant objected, and the time and identity of the facilitator who confirmed it.
• Audit and usage data — an append-only log of significant events (session start, deletion requests, AI invocations, cost) and basic technical data such as timestamps.

Nothing in the room is transcribed or recorded before the facilitator confirms, on the server-enforced consent gate, that the consent notice was read aloud and no participant objected.

We use personal information only to provide and improve the service, specifically to:

• Authenticate facilitators and secure their accounts.
• Produce live captions, invited spoken contributions, interim sensemaking, and the final synthesis for a workshop.
• Maintain an immutable audit trail for transparency, accountability, and cost control.
• Meet our legal, compliance, and dispute-resolution obligations.

We do not sell personal information, and we do not use workshop content for advertising.

To generate contributions, notes, and synthesis, transcript content is sent to our AI model provider through the Vercel AI Gateway. The underlying models are Anthropic's Claude (Claude Sonnet 4.6 for synthesis and participant-mode responses, and Claude Haiku 4.5 for interim notes). This processing currently takes place on infrastructure located in the United States. These providers process the content on our behalf, under our instructions, to return a result. Transcript content is treated as data, not instructions, and the service is hardened against prompt-injection attempts.

We also rely on infrastructure and database providers — Supabase (managed PostgreSQL) for storage and Vercel for application hosting — to run and serve the service. We choose providers that offer appropriate security and contractual protections. The specific locations of these providers are set out in section 4 below.

Live speech-to-text and the AI participant's voice use your browser's built-in Web Speech and speech-synthesis features, which run on the participant's own device. Depending on the browser used, audio for speech recognition may be sent to that browser vendor's own cloud service, which is outside our control; we do not store raw audio.

We believe data residency is a sensitive issue and we want to be fully transparent about it. Although Participo is operated by an Australian entity bound by the APPs, the systems that store and process personal information are currently located outside Australia, primarily in the United States. The current arrangement is:

• Database and personal information storage — Supabase managed PostgreSQL, hosted in Amazon Web Services US East (N. Virginia), United States. This holds transcripts, derived notes and syntheses, consent records, audit logs, and account information.
• AI processing— transcript and derived content is processed by Anthropic's Claude models via the Vercel AI Gateway, on infrastructure in the United States.
• Application hosting — the Participo application runs on Vercel's cloud platform.
• Speech-to-text and voice — performed in the participant's browser on their own device; depending on the browser, recognition audio may be handled by that browser vendor's cloud service.

Because we disclose personal information to recipients located overseas, this is a cross-border disclosure under Australian Privacy Principle 8. We take reasonable steps to ensure overseas recipients handle the information consistently with the APPs, including relying on their security and contractual protections. You should be aware that information stored or processed in the United States may be subject to lawful access requests by US authorities under US law.

If your organisation requires Australian (or other specific) data residency before using Participo, please contact us using the details in section 10 before running a workshop. We will update this section if our infrastructure or its locations change.

Personal information is stored in a managed database with access controls, and access is restricted to authenticated facilitators for their own workshops and to authorised administrators. We apply reasonable technical and organisational measures to protect information from misuse, interference, loss, and unauthorised access, modification, or disclosure.

The physical locations where this information is stored and processed are described transparently in section 4, Data residency.

We keep workshop content and derived content for as long as your account is active or as needed to provide the service, subject to the retention settings configured for your workshops. When you request deletion, workshop content is removed and the workshop record is marked deleted.

Audit log entries are retained for seven (7) years to meet legal and accountability requirements, even after related workshop content is deleted.

You may request access to the personal information we hold about you and request that we correct it if it is inaccurate, out of date, or incomplete. Signed-in facilitators can:

• Export their personal information in a portable format. We respond within 30 days, at no charge for reasonable requests.
• Delete a specific workshop or their entire account. Deletion is processed within 5 business days; audit logs are retained for 7 years as described above.

These tools are available from your account. If you are a workshop participant rather than a facilitator and want to access or correct information about you, contact us using the details below and we will respond in line with the APPs.

If you believe we have breached the APPs, contact us first using the details below and we will investigate and respond. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

We may update this policy from time to time to reflect changes in our practices or legal obligations. The current version, with its effective date, will always be available on this page.

For privacy questions, access or correction requests, or complaints, contact our Privacy Officer: