Metronome

Our Metronome product is suitable for use by companies who develop software. As a software creator, you probably already store personally identifiable information (PII) in a central service or database, but you don't record the specific purpose for which the data was collected. By centralising your PII, you comply with some privacy law features but are very likely failing full compliance. Metronome augments your existing GDPR/CCPA/PIPEDA data store to understand how and why your business uses personal data, attaching the specific reasons for data access to each interaction. Knowing the reason for each data access, we coordinate how long PII should be retained and let you know when to expire data according to your own data policies, bringing you into full legal compliance.

PDS Metronome benefits

Potential compliance failure

Many companies create a simple centralised store, accessed as a database or fronted by a microservice. Your other software components and services then access PII from this central location without indicating the reason for the data access or understanding which other components and services use that data. This gives some advantages but fails to fully implemement the legal requirements, leaving you open to significant fines. If you do not routinely delete stale data, you are very likely in breach of privacy law.

simple centralised PII store

Unless you know why the data is held, you can't be sure if the purpose or storage is limited nor can you be sure that you're only keeping data that is necessary.

Data policies

Central to our solution are data policies that you define and control with your Data Protection Officer (DPO). The policies have names that you give to your software developers to use when publishing telemetry. These policies specify the reason for the data access as well as how long the data should be retained for that reason in your business. For example, you might specify a policy named user-account-access to be used when a user logs in or updates their data and causes any data used to be retained for 2 years.

user account access policy
  • Clear and specific purpose
  • Retention policy specific to this purpose

Using policies you define, we coordinate and log which components use your data, why they use your data and how long to keep that data.

Publish telemetry to Metronome

As you access PII from your central store you can now also publish telemetry about your data access to Metronome, where your policies are defined and where we build a complete picture of your PII handling.

dashboard feature image
  • Coordinate which data is still in use and why
  • Purpose and retention duration known at column level
  • 'Zero trust' (we only see IDs, not data)

Telemetry can be published at a time and manner of your choosing. Keep web response times low and publish as and when you please.

Expire data that is not used

Let's assume a user creates an account on your website on the 5th of January 2023 and your user-account-access policy requires data to be kept for 2 years. This user also makes a purchase causing the Sales Processing service to use a data policy called order-delivery which retains data for 120 days. The user does not sign up for any marketing emails and does not log into your website again. According to your business policy, the data should be deleted on the 5th of January 2025.

example customer expiry
  • Log which systems access data
  • Coordinate between systems and policies

We publish day by day expiry information which your systems can read. You remain in control of your PII store and control how and when data is deleted.

Retain data that is used

Let's build on the previous example of a user creating an account on your website on the 5th of January 2023, making a purchase and also signing up for a marketing email. The policy used when sending this email might be called send-marketing-email and retain the data for 6 months. In practice you might send a quarterly marketing email. So long as this user does not change their marketing email consent, their data would be retained.

dashboard feature image
  • Known reason for data retention
  • Data retained due to actual data usage

Data can now confidently be retained and deleted according to actual use and not supposition or unclear reasons.