makemode
notebook · data safety · for tu delft data stewards

how the makemode notebook keeps research data safe.

Written for the person who has to sign off — a Data Steward, Information Security Officer, or Data Protection Officer. We won't ask you to trust us. We'll tell you exactly where your data, the code that processes it, and your questions go — and give you tests you can run yourself to check that we're telling the truth.

eu jurisdiction · scaleway, france · maps to tu delft's own data classification
Scope & status. The MakeMode Notebook is an early-stage prototype. The Maximum / on-device tier described here is built and working today; the Middle and Standard tiers are designed but not yet fully shipped, and are flagged as such throughout. Where a claim is architecture rather than a signed contract, we say so. This is a technical trust document, not a marketing page — please read it as one.
the core promise, per data class

you choose the tier before you add data.

The Notebook makes you pick a safety tier before a dataset is loaded — and each tier is labelled with TU Delft's own words. We validated the mapping against TU Delft's StorageFinder classification: Critical, Sensitive, Standard. Our tiers map one-to-one, and each one makes a different, precise promise about what (if anything) ever leaves the researcher's device.

MakeMode tier TU Delft class What the tier does Data leaves device? Status
Maximumon-device Critical
human-subjects / personal data — "identifies an individual"
The dataset is read, analysed and charted entirely on the researcher's own machine. No network call carries the data. Sharing is a local file the researcher hands over themselves. No — never Live
Middleeu compute Sensitive
confidential / competition-sensitive institutional data
For heavier jobs, data may be processed on EU compute we control (Scaleway, France) — transiently, in memory, then discarded. Never persisted to disk, never made public. Transiently, EU-only Planned
Standardeu-stored Standard
public or non-sensitive — "all other data"
For non-sensitive data: richer, EU-model-authored analysis plus an EU-hosted shareable link. The EU-hosted model may see column names and a small sample of rows to write the analysis. Yes, EU-stored Planned

The default is the strictest. A researcher opening the Notebook lands on Maximum. To send anything anywhere, they have to actively choose a lower tier — an informed, logged decision, not an accident. This is exactly the shape a data-classification workflow wants: the tool defaults to the safe answer.

be exact about the boundary

"safe" means three separate things. here's each one.

Most privacy claims blur together three things that a reviewer needs kept apart: your data, the runtime that processes it, and your intent (the question you ask). They travel differently, and honesty requires naming each. We will never tell you "nothing ever leaves" — that would be false. We'll tell you exactly which of these three moves, when.

boundary a

your data

The dataset itself — the CSV, the rows, the values. In Maximum (and in the desktop app for any tier), this never leaves the device. It is read into memory locally and processed there. Nothing is uploaded; the "bytes uploaded" counter reads zero because it is zero.

In Middle/Standard the data can leave — but only to EU compute we control, and only per the tier's rule (transient in Middle; EU-stored in Standard). Never to a US host, never to a model's maker.

boundary b

the runtime

The Python engine (pandas, NumPy, Matplotlib) that runs the analysis. This is code, not your data — it loads once and then processes everything locally. What it does with your data does not require sending your data anywhere.

Honest caveat: in the current web prototype, this runtime downloads once from a public CDN (Pyodide) on first load. In production it is self-hosted on Scaleway (EU). The desktop app runs a local Python kernel, so even the runtime is on-device. Either way, the download is generic engine code — never your dataset.

boundary c

your intent

The question you type, and the column names needed to turn it into code. In Maximum, intent stays local too — the plain-language-to-pandas translation happens on-device, so even your question doesn't leave.

Intent leaves the device only in Standard, and even then only the question plus column namesnever the data values — sent to an EU-hosted model to author a richer analysis. Middle keeps authoring local; only compute is offloaded.

Say it precisely, so it's true: on Maximum, none of the three leaves. On Middle, only your data leaves, transiently, to EU compute. On Standard, your data plus your intent leave, to EU infrastructure and an EU-hosted model — but the raw values are never handed to the model to read as free text. That is the whole boundary, stated without a marketing gap.

don't trust it — test it

every claim on this page is falsifiable. here's how.

A trust claim you can't check is just a slogan. These are the tests we'd run if we were reviewing us — each one is designed so that, if we were lying, you'd catch it in minutes.

1

the airplane-mode test

Open the desktop app (or the Notebook on the Maximum tier once its runtime has loaded), load a dataset, then turn off Wi-Fi / pull the network cable. Ask a question and run it.

Expected: the analysis still runs and charts still render, offline. If compute were happening on our servers, it would fail. It doesn't — because the computation is local.
2

the network-inspector / firewall test

Open your browser's Network tab (or run an outbound firewall like Little Snitch / lsof / a proxy) while you use the Notebook. Watch every connection it makes.

Expected — desktop: the only traffic is to 127.0.0.1 (the local Python kernel). Web prototype: a one-time runtime download from the Pyodide CDN, then nothing — and in no case a request whose body contains your dataset. Your rows never appear on the wire.
3

read the code

The Notebook is small and its logic is on the page — the plain-language-to-pandas translator, the file intake, the "0 bytes uploaded" accounting are all in readable client-side code. There is no minified black box doing something the source doesn't show.

Expected: you (or an auditor) can read exactly what runs, confirm there is no hidden upload path, and confirm the data-handling matches this page. We'll walk your team through it.

If any of these tests came out differently from what we've written, this document would be wrong — and you'd know within an afternoon. That's the point of publishing them.

how it fits your process

a tool that fits inside the process — not one needing an exception.

The goal is not to argue for a waiver. It's to be the option that already satisfies TU Delft's rules, so a researcher can adopt it without a special case.

EU jurisdiction & data residency. MakeMode's compute, inference and storage all run on Scaleway in France (fr-par) — one named EU processor under a single GDPR Data Processing Agreement. There is no US infrastructure anywhere in the path. That matters here specifically: TU Delft's own GDPR guidance warns against tools that route personal data outside the EEA. Google Colab / Drive do exactly that — personal or human-subjects data ends up on US-controlled infrastructure, the case TU Delft tells researchers to avoid. Even US "local workbench" tools that run notebooks on your laptop typically send context to a US-hosted model to generate code — so intent, and often data, still crosses the Atlantic. MakeMode's Maximum tier sends none of it; its lower tiers send only to the EU.

Maps to your existing workflow. The tier the researcher picks maps directly onto the artefacts you already require:

data classificationThe tier picker uses TU Delft's Critical / Sensitive / Standard labels, so classifying the data is configuring the tool. No translation step.
the dpiaFor a DPIA, the data flow is short and honest: on Maximum, personal data does not leave the device, so most transfer-risk questions answer themselves.
hrec / ethicsHuman-subjects data can be analysed on Maximum without leaving the researcher's machine — the posture an HREC/ethics review is usually looking for.

Infrastructure security posture. The underlying infrastructure (Scaleway) holds ISO 27001 certification for its data centres and cloud services, operated on French soil under EU law. We describe this at a high level here; we're glad to provide the specific certifications and sub-processor detail your security team needs for a file.

The honest framing: MakeMode is the tool designed to sit inside your governance, not to need an exception carved out of it. Where a commitment is still becoming contractual (as DPAs are signed), we say so on the trust overview and sovereignty pages.

scaleway · france (fr-par) single gdpr dpa no us infrastructure iso 27001 (infrastructure)
the limits, stated plainly

what we are not claiming.

Skeptics trust honesty about the edges more than confidence about the middle. So here are the caveats we'd want a reviewer to raise — raised by us first.

The web prototype fetches its runtime from a public CDN. On first load, the browser Notebook downloads the Pyodide Python engine from a third-party CDN (jsDelivr). That download is generic engine code — not your data — but it is a network request to a non-EU CDN, so we name it. In production the runtime is self-hosted on Scaleway (EU); the desktop app avoids it entirely with a local kernel.
Standard tier sends your question and column names to an EU-hosted model. To author richer analysis, the Standard tier transmits the question plus column headers and a small sample of rows to an EU-hosted model. It does not hand the model your full dataset as free text — but "a small sample of rows" is still data leaving the device, so use Standard only for non-sensitive data, as its label says.
Middle and Standard are designed, not fully shipped. Today's working product is the Maximum, on-device experience. The EU-compute (Middle) and EU-stored/shareable (Standard) tiers are architecture and roadmap, not features you can rely on this week. We flag them as planned rather than let a demo imply they're live.
This is early-stage software. MakeMode is a prototype, not a certified enterprise platform. Data-residency and processing commitments become fully contractual as data-processing agreements are signed — until then they are design intent and operating commitment, which is why we've made every claim here checkable rather than asked you to take it on faith.
for your security team

what to audit — and an open invitation.

If you're the one who has to sign the form, here's a concrete starting point. We'd rather be reviewed than believed.

audit checklist
  • Run the tests above — airplane mode, network inspector / outbound firewall, and a read of the client-side code. Confirm no dataset appears on the wire.
  • Inspect the runtime origin — verify the web prototype's one CDN fetch is engine code, and confirm the production/desktop paths (self-hosted Scaleway runtime; local kernel).
  • Trace the Standard-tier request — confirm exactly what fields are sent to the EU-hosted model, and that the endpoint is EU-hosted.
  • Request the paperwork — the GDPR DPA, sub-processor list, Scaleway's ISO 27001 scope, and a data-flow diagram for a DPIA file.
  • Ask for a source review — we'll give your team read access and walk through the data-handling code line by line.

Invitation: we welcome an independent review. Email hello@makemode.eu and we'll set up a source walkthrough and send the compliance detail your file needs. If your review finds something this page gets wrong, tell us — we'll fix the tool or fix the page.

built to be checked.

The safe default, EU rails end to end, and every claim testable in an afternoon. See it running, or get the detail your reviewers need.

trust overview · privacy · security · sovereignty

early-stage; data-residency and processing commitments described here are design intent and operating goal, becoming contractual as data-processing agreements are signed — not, at this stage, asserted as guarantees. tu delft classification terms (critical / sensitive / standard) are used descriptively to map to makemode's tiers; makemode is not affiliated with or endorsed by tu delft.