Privacy notice
Last updated: 30 May 2026
Keymetrics is a healthcare governance tool used by Irish nursing homes and hospitals to manage audits, incidents, action plans, training, and policies. This page explains what personal data we collect, why we collect it, how long we keep it, and your rights under GDPR.
What data we collect
- Account data: your name, email, phone, and password. Used to log you in and let your colleagues find you.
- Work data: audits, incidents, action plans, policies, and training records that you create or view. Used to run the platform.
- Activity log: every meaningful action you take is logged with a timestamp. Used for HIQA compliance and to investigate security events.
- Technical data: your IP address and browser, for security and rate limiting.
Why we collect it
- Legal obligation (GDPR Article 6(1)(c)): HIQA requires us to keep records of audits, incidents, and staff training. We could not provide the service without keeping these.
- Contract (Article 6(1)(b)): your employer signed up for Keymetrics and we need to provide it to them.
- Legitimate interest (Article 6(1)(f)): we log security-relevant actions so we can detect and investigate misuse.
How long we keep it
| Data type | Kept for |
|---|---|
| Clinical records (incidents, audits, action plans) | 8 years from last update |
| Staff training records | 7 years from last active date |
| Audit log entries | 3 years (minimum) |
| Email logs | 90 days |
| Session data | 30 days |
Where we keep it
All data is stored in Hetzner data centres in the European Union (Falkenstein, Nuremberg, or Helsinki). We do not transfer your data outside the EU. The only exception is AI features (added in a future release) where we may send anonymised, non-clinical data to Anthropic's Claude API. Those features are opt-in.
Your rights under GDPR
- Right of access (Article 15): you can download all data we hold about you from your account settings.
- Right to rectification (Article 16): you can edit your profile from your account settings.
- Right to erasure (Article 17): you can request deletion of your account. Some data (clinical records you authored) may be retained in anonymised form for the retention periods above.
- Right to data portability (Article 20): the access export is in machine-readable JSON.
- Right to complain: you can complain to the Data Protection Commission (Ireland's data protection authority).
Security
- Your personal data is encrypted at rest with AES-256-GCM using per-tenant keys.
- Each tenant's data is isolated in a separate database schema.
- Two-factor authentication is mandatory for senior roles.
- All security events are logged in an append-only audit trail.
Contact
For any privacy question, email [email protected].