Your members' data. Protected by design.
MemberBridge is built for regulated financial services environments where data governance, auditability, and member trust are foundational requirements - not afterthoughts.
Six commitments we make to every scheme.
These principles shape every architecture decision, every product choice, and every contract we sign.
Data minimisation
MemberBridge reads member data at query time to answer a specific question. It does not copy, warehouse, or retain member records beyond what is needed to generate a response. Your administration system remains the single source of truth.
Not used to train models
Member conversations and scheme data are never used to train AI systems - by MemberBridge or any third party. Your scheme's knowledge and your members' information belong to you.
Full audit trail
Every interaction - the question asked, the data referenced, the answer given - is captured with a timestamp and stored in your audit log. Available to your compliance team at any time.
Governed responses
Your team controls what the assistant can address. Every response is grounded in knowledge your administrators have reviewed and approved. Questions outside scope are escalated - not guessed at.
Data residency
Member data is processed and stored within the region you require. We support UK and EU data residency requirements. Cross-border data transfers are explicitly avoided unless contractually agreed.
Role-based access control
Your admin panel uses role-based access controls. Scheme administrators, compliance reviewers, and read-only auditors each have appropriate access levels - with a full log of admin activity.
Your records stay yours. Always.
MemberBridge does not replicate your member database. When a member asks a question, MemberBridge retrieves only what is needed to answer it - then uses that data to compose a response. Nothing is stored beyond the conversation log.
Member asks a question
The question arrives through your embedded widget - secured by session authentication tied to your portal login.
Data retrieved at query time
MemberBridge retrieves only the relevant data fields from your administration system - the pot balance, contribution rate, or whatever is needed to answer.
Response generated and returned
The answer is composed using your scheme's approved knowledge and the member's live data, then returned. The retrieved data is not retained.
Conversation logged for compliance
The exchange is recorded in your audit log - question, answer, data referenced, timestamp. Available for your compliance team on demand.
What MemberBridge stores
- Conversation audit logs (question + answer)
- Session metadata (member ref, timestamp)
- Data fields referenced (logged, not stored)
- Admin activity log
What MemberBridge never stores
- × Copies of your member database
- × Financial values beyond the conversation
- × Authentication credentials
- × Data used for AI model training
Aligned to the frameworks that matter.
UK GDPR and EU GDPR compliant data handling. Data processing agreements available. Right of access and erasure supported.
Information security management aligned to ISO 27001 principles. Formal certification in progress.
Cyber Essentials Plus certified. Annual external penetration testing by an accredited third party.
Designed with regulated financial services environments in mind. No financial advice is given. All responses governed by your team.
Registered with the Information Commissioner's Office as a data processor.
Consistent with The Pensions Regulator's guidance on member communications and data protection.
How we protect the platform every day.
Have specific security requirements?
We work with schemes that have bespoke compliance, data residency, or procurement requirements. Talk to us and we'll walk through how MemberBridge fits.