Keystone
by CloudVoro
Try the sandboxTalk to us →
Legal & Disclosures

What we are. What we aren't.
In writing.

Plain-language disclosures covering certification scope, compliance language, trademark attributions and the small print behind pricing. If you need a copy formatted for procurement or a Master Services Agreement, email legal@cloudvoro.com.

Effective May 2026 · Last reviewed May 2026

1. Product certification scope

What we say · What we don't say

Keystone is designed to support your FSAI, HACCP and BRCGS traceability workflows. It provides an immutable audit log, signed PDF exports and one-click full-chain backward and forward trace — the technical evidence retailer auditors and competent authorities expect.

Keystone is not independently certified to any GFSI, BRCGS, IFS, SQF, FSSC 22000 or ISO 22005 product-certification scheme. Formal product-level attestation of the platform is a 2026 roadmap item. Your site certification remains your responsibility — we are a tool that helps you evidence the controls your scheme already requires.

Important: A retailer or auditor asking whether your software is "BRCGS certified" is almost always asking whether your site holds a current BRCGS certificate. The software you use to run your batch traceability is not in scope of that audit — only the records it produces are. Keystone produces those records.

2. Compliance language & regulatory advice

Statements on this website such as "FSAI-ready", "HACCP-aligned", "BRCGS Issue 9 mock-recall compatible" and "signed PDF for auditors" describe the technical capabilities of the software and the supporting evidence it produces.

These statements are not legal or regulatory advice. Compliance with EU Regulation (EC) 178/2002, the Food Safety Authority of Ireland Act 1998, the Sea-Fisheries Protection Authority (SFPA) regulations, BRCGS Global Standard for Food Safety Issue 9 (or any successor issue), or any retailer-specific code of practice remains your responsibility. We strongly recommend you engage a qualified food-safety consultant or auditor to confirm your specific obligations.

3. Pricing terms

Headline pricing on this site

  • Standard licence: €790 / month / site, billed monthly. All core modules unlocked. Reasonable-use users (typically 5–15 named accounts per site).
  • Plus tier: €1,290 / month for up to 3 sites under a single tenant.
  • Annual discount: 15% off the headline rate when paid annually in advance (Standard: €8,058 / yr).
  • Implementation: Fixed-fee quoted in writing per engagement. Typical range €4,950–€16,500 depending on customer count, retailer integrations and historical data import scope.

Prices exclude Irish VAT (charged at the prevailing rate where applicable) and are denominated in Euros (€). Quoted prices are valid for 30 days from the date of the written quote unless explicitly extended. Pricing on this website may be revised with 60 days' notice to existing customers; in-contract pricing is held for the duration of the signed agreement.

4. Implementation timelines

"Pilot live in 30 days" describes our standard implementation target for a single-site producer with a typical customer count and retailer integration list. Actual go-live depends on data quality, customer code mappings, AccountsIQ / accounting integration scope, and your team's availability for the workshop programme. We commit to a timeline in writing inside the implementation Statement of Work — not on this marketing page.

5. Performance & benchmark claims

Claims such as "backward trace in under 30 seconds", "mock-recall in 90 seconds" and "COA generated in 6 seconds" are based on realistic operational benchmarks measured against the seeded sandbox dataset on production infrastructure as of May 2026. Real-world performance on your data depends on dataset volume, network conditions and downstream integrations.

6. Founding-customer attribution

Keystone's founding production deployment is at J&L Grubb Ltd, trading as Cashel Farmhouse Cheesemakers, Fethard, Co. Tipperary. Quotes attributed to Louis Clifton Brown, Sarah Furno and Sergio Furno are used with their written permission. Photographs of the Cashel Blue dairy floor are used under a content licence with J&L Grubb Ltd. Cashel Blue® and Crozier Blue® are registered trademarks of J&L Grubb Ltd.

7. Trademark & third-party attributions

The names and logos referenced on this site remain the property of their respective owners. References below are descriptive — they do not imply endorsement, partnership, certification or affiliation.

  • FSAI — Food Safety Authority of Ireland.
  • SFPA — Sea-Fisheries Protection Authority.
  • BRCGS — BRCGS is a brand of LGC Group; the BRCGS Global Standard is the property of LGC.
  • AccountsIQ — AccountsIQ is a trademark of AccountsIQ Technology Ltd. Keystone integrates with AccountsIQ via published API — we are not a reseller of, partner with, or endorsed by AccountsIQ.
  • Sage / Xero / QuickBooks / SAP / Microsoft Dynamics — referenced descriptively for integration and comparison context only.
  • MRPeasy, Wherefour, Datatrack, Sage X3 Food & Beverage — competitor names referenced in good-faith comparison; pricing and feature claims are based on each vendor's public materials as of May 2026 and may change.
  • HACCP — Hazard Analysis and Critical Control Points — a Codex Alimentarius framework, used descriptively.
  • Tesco, Musgrave, Lidl, ALDI, Dunnes Stores, Dean & DeLuca — retailer names are referenced in good-faith product context (e.g. dispatch-format examples in screenshots and demo data). Their use does not imply endorsement.

8. Demo data & screenshots

All names, suppliers, customers, batch numbers, dispatch references and quantities shown in the public sandbox and in marketing screenshots are fictional demonstration data. Any resemblance to real-world transactions of named retailers is coincidental and used solely to illustrate the product's capabilities.

9. Hosting, data residency & GDPR

Keystone is hosted in AWS Ireland (eu-west-1, Dublin) by default. Each tenant runs in its own logically isolated database. Data is encrypted at rest (AES-256) and in transit (TLS 1.3). CloudVoro is a registered data controller / processor in Ireland. Privacy queries go to privacy@cloudvoro.com.

CloudVoro is below the GDPR Art. 37(1) threshold that mandates a formally designated Data Protection Officer; we operate with an internal Data Protection Lead. Our founder is a member of the Association of Data Protection Officers (ADPO) Ireland — held for professional development only. Under Art. 38(6) an owner or director cannot also serve as the organisation's DPO. The current Privacy Contact, sub-processor list and security posture are published at /site/privacy, /legal/sub-processors and /site/security.

10. Service availability & warranty

Keystone is provided on a best-effort basis with a target uptime of 99.5% measured monthly, excluding scheduled maintenance announced 7 days in advance. The website (keystone.cloudvoro.com) marketing content is provided "as is" with no warranty of fitness for any particular purpose. Specific service-level commitments, including incident response targets and refund mechanics, are set out in the executed Master Services Agreement with each customer.

11. Limitation of liability

Nothing on this website constitutes an offer to contract. A binding commercial relationship arises only on signature of a written Statement of Work or Master Services Agreement with CloudVoro. To the maximum extent permitted by Irish law, CloudVoro's aggregate liability for any claim arising from use of this website or the marketing materials it contains is limited to €100. Liability under signed agreements is governed by the limits set out in those agreements.

12. Governing law

This website, and any contract formed under it, is governed by the laws of Ireland. The Irish courts have exclusive jurisdiction to resolve any dispute, subject to your statutory consumer rights where applicable.

13. Reporting an issue

If you spot a factual error in any claim on this website, a missing attribution, or a content concern relating to your business, please write to legal@cloudvoro.com. We respond to good-faith content concerns within 5 business days.

Company details. CloudVoro (Ireland) — software venture studio. Sister company to Intellix IT Solutions Ltd (United Kingdom). Registered office and Companies Registration Office (CRO) details available on request via the contact address above.
Compliance & trust

How we keep your
data and your audits safe.

We are honest about what's certified and what's in progress. Anything marked "in progress" reflects active work towards a recognised standard — never marketing decoration. Privacy queries go to privacy@cloudvoro.com. Sub-processor list at /legal/sub-processors. Full security posture at /site/security.

Live
Hosted in EU / Ireland
Customer data resides on AWS Ireland (eu-west-1) — never leaves the EU.
Live
GDPR · Privacy Contact named
Internal Data Protection Lead handles subject access requests. Owner is ADPO Ireland member.
In progress
NIS2 · building toward readiness
Tenant isolation, audit trails and MFA support customers in NIS2 scope. CloudVoro itself is below the size threshold; not yet certified.
In progress
ISO 27001 · alignment
We map our controls to Annex A but hold no third-party certificate. Formal certification on the 2026 roadmap.
In progress
Cyber Essentials · planned
UK Cyber Essentials assessment is on our roadmap. We will name the assessing body (IASME) and a confirmed date here once scoped.
Live
Encryption · at rest & in transit
TLS 1.3 in transit, industry-standard symmetric ciphers at rest, KMS-managed keys.