kmZen: mileage allowance tracking
A local-first, privacy-respecting tool for logging mileage allowances in a health centre, currently being turned into a European, GDPR-compliant SaaS.

Context
The caregivers of the Maison médicale de Watermael-Boitsfort-Auderghem (community health centre) make many home visits and must declare the corresponding mileage allowances. Those trips contain patient addresses (health data by inference), which made privacy a constraint from the very start.
What I did
Initially, a local-first, client-heavy tool: most of the processing happens in the browser, data is minimised, and logging allowances is made as frictionless as possible for caregivers.
I am now working on turning it into a European, GDPR-compliant SaaS:
- Geocoding and routing via European providers, proxied server-side (neither addresses nor IPs ever reach the provider).
- Encryption at rest (AES-256) of addresses and TLS in transit, hosted in Europe.
- Per-organisation isolation, access logging, and data minimisation: coordinators only receive monthly aggregates (km, amounts), never trip details.
- Recurring subscriptions (Mollie / Bancontact), offline cache.
- Sovereign architecture: a Nuxt frontend (static SPA) hosted on Infomaniak, a Nhost backend (Hasura GraphQL + PostgreSQL with row-level security).
Outcome
A tool built privacy by design from the ground up, now in transition: from a local tool for one health centre towards a GDPR-compliant SaaS platform open to Belgian care teams.