PDS Metronome augments your existing data stores to ensure compliance with personal data privacy laws (GDPR, CPRA, PIPEDA, etc.) and to reveal insights into how your business uses personal data. Use automated risk reporting to understand reasons for data access, coordinate incident response, conduct impact assessments, and confidently expire data that is no longer used.
Metronome uses identifiers for data, like customer-123 or customer-123/email. These identifiers and the reasons for the data access are sent to us as telemetry. Using the time of access and the data use policy, we calculate the retention time per data attribute and let you know when to delete it if it is not reused.
We never see the actual data, only IDs, so we are a safe, drop-in solution that provides advanced functionality with no risk.
Powerful reports allow you to monitor and manage access to personal data by individual users, external data processors, and software components. Our surveillance of changing usage patterns and active alerting help you to spot a rogue team, staff member or a data leak in progress before it is too late.
Without understanding how your organisation uses personal data, you can't spot misuse. Our reports close this gap, helping to mitigate risk.
Your existing data store may not be able to tell you why you initially collected each data item or when it was last accessed. Without this information you cannot know how long to retain it and when it should expire. Not routinely expiring personal data is definitely a compliance failure in many jurisdictions. Our reports and alerting help cover any features you may be missing, providing expiry notices when data is no longer in use. Connecting specific data policies to each data access gives you peace of mind during compliance audits.
Prominent data privacy laws requiring routine data expiry:
Connect the reasons why you access data to named policies in code. These policies help us coordinate data retention across your business and illustrate the pathways that personal data follows through your organisation.
Using only telemetry, we can coordinate across your software components which data is active and let you know which data you aren't using and can safely delete from your data store. Our service unifies your approach to many different privacy laws. By selecting country-specific policies you satisfy the varying requirements of each jurisdiction's privacy law.
Our data access telemetry service is now in private beta. Service pricing after launch depends on the number of data items we track for you.
Please contact us to discuss how we can help you protect a larger data set.
No, you do not. Since we only see IDs, not actual personal data, you don't need to mention us as a data processor.
Yes, we provide open source client libraries in a range of popular programming languages. We also specify our API with OpenAPI (previously Swagger).
Each account is provided with segregated production and development instances. The development instance allows unlimited items but is rate-limited to 20 API calls per minute. The production instance item count determines your monthly subscription cost and has no API rate limits.
No, we do not. As a data service provider, we are not in a position to provide legal guidance specific to your business case. Our partners do provide this support and guidance, and we are very happy to refer you.