pdPurpledecks
Product engineering · Rescue · Regulated & connected

We build and rescue software that has to work.

Senior engineers who design and build complete software products, from new apps and portals to regulated and connected devices. Based in Ireland, in the EU, since 2012.

Start a conversation Read the ResMed build →
EST. 2012 · 53.7°N -7.8°W · IRELAND · EU

Purpledecks is an established software engineering firm, working since 2012. We build regulated, connected and consumer products that ship, with a senior team, from Ireland, in the EU.

EST. 2012
SENIOR TEAM · IRELAND · EU
REGULATED · CONNECTED · CONSUMER
§ 01 · What we do
Five problems · find yours

Five problems we're built for.

Lane 01 · Lead

Production-readiness and technical due diligence

"My product is going in front of an investor, an acquirer or an enterprise customer. Find the risks before they do."

Technical due diligence, run as a fixed-scope Readiness Audit. We read the codebase the way the reviewer on the other side will.

READINESS AUDIT
· fixed scope · from $15,000 · €13,000 in Ireland & the UK
· decision memo: harden, rebuild or proceed
· remediation roadmap
Lane 02 · Build

Product, portal and operational-system build

"I have a serious product to build. A customer portal, an operational system, a connected product. I want it built properly, the first time."

Direct clients include RTÉ, Musgrave / Centra, Eir and Fáilte Ireland. Sage acquired the accounting software we built.

DESIGN · BUILD · SHIP · iOS · ANDROID · WEB · CLOUD
Lane 03 · Rescue

Software rescue and codebase takeover

"My developer disappeared. The codebase is a mess. My app was built with AI tools and now it has to be real."

We harden inherited and AI-built code for real users. We sell the engineering, not the AI.

RESCUE ASSESSMENT · fixed scope · from $5,000 · a decision and a plan
See how the Rescue Assessment works →
Lane 04 · Spine

Regulated and connected medical-device software

"I'm a funded founder, not big pharma. I need medical-device software built properly, under my quality system."

Software as a Medical Device, ready for the scrutiny that FDA and EU MDR bring.

IEC 62304 · IEC 62366-1 · ISO 13485 · FDA · EU MDR · BLE
See how we build medical device software →
Lane 05 · Partner

Senior delivery partner

"My team is at capacity. I need senior people now, who need no managing and leave the code better than they found it."

Senior team in Ireland, in the EU. No subcontracting, no offshore hand-off, and we overlap your US morning.

SENIOR TEAM · IRELAND · EU · NO HAND-OFF
§ 02 · The record

Proof you can check.

The claim we lead with
We build software to the standard that applies, under your quality system.
In medical devices that means IEC 62304 and IEC 62366-1, under your ISO 13485 quality system, our software risk analysis feeding your ISO 14971 file. ResMed is the proof.
Standards
IEC 62304 · IEC 62366-1 · ISO 13485 · ISO 14971
Stack
iOS · Android · firmware · BLE · cloud
Security & audit
Built to your requirements, including what a SOC 2 or ISO 27001 audit checks.
Track
since 2012 · implantable · biometric · national · consumer
RESMED · FIRE1 · SAFRAN MORPHO · IDEMIA · RTÉ · MUSGRAVE / CENTRA · EIR · FÁILTE IRELAND · SAGE
§ 03 · Regulated proof

Two cases that had to survive real scrutiny.

Case 01 · ResMedCONSUMER + HEALTH DATA · SHIPPED
The ResMed S+ bedside sleep device on a nightstand beside a bed.
The S+. ResMed's first consumer product. We built the software.

A new way to measure sleep, with nothing worn or attached.

Two products, two engagements, one client. We built the software for both.

Part one · The S+
BRIEFBuild the software for ResMed's first consumer product, a bedside device that measures sleep with nothing worn or attached.
CONSTRAINTSConsumer-grade reliability on regulated-grade discipline. Sensitive health data, handled properly.
OUTCOMEResMed's first consumer product, in the home and on the market.
Part two · SleepScore
WHAT WE BUILTThe world-first sonar sleep-tracking technology. The sonar science is ResMed's. We built the software for SleepScore, the product it shipped in.
OUTCOMEA sensing method that did not exist before, in a product that reached market.

ResMed is our client. SleepScore is the end product the sonar work went into. The sonar science is ResMed's. We built the software.

Case 02 · Fire1IMPLANTABLE · CLINICAL TRIALS

The Bluetooth SDK for an implantable cardiac device.

We built the original Bluetooth Low Energy SDK for an implantable device now in clinical trials. Connected-device engineering where the margin for error is zero.

§ 04 · The regulated position

Built to the standard.

Every regulated and audited domain works the same way. We build the software to the standard that applies, under your quality system. Medical device or financial system, the position is the same.

Medical devices are the sharpest and most nameable proof: we build to IEC 62304 and IEC 62366-1, under your ISO 13485 quality system, our software risk analysis feeding your ISO 14971 file. ResMed is the proof, with Fire1 the connected-device depth behind it. Here is how it maps to delivery.

Standard
What we do in delivery
The artefact we produce
What your QMS owns
IEC 62304
Risk-based software lifecycle, versioned and traceable
Design records, traceability, test evidence
Release authority, the QMS itself
IEC 62366-1
Usability engineering worked into the software lifecycle
Use-specification and use-related risk inputs, evidence for your usability file
The usability engineering file itself
ISO 13485
Work to your controlled processes and your regulatory partner's
Controlled documents, inputs to your design history file
The quality system itself and the regulatory process
ISO 14971
Software risk analysis feeding your risk file
Hazard and mitigation records
The risk management file
IEC 62304
What we do in delivery
Risk-based software lifecycle, versioned and traceable
The artefact we produce
Design records, traceability, test evidence
What your QMS owns
Release authority, the QMS itself
IEC 62366-1
What we do in delivery
Usability engineering worked into the software lifecycle
The artefact we produce
Use-specification and use-related risk inputs, evidence for your usability file
What your QMS owns
The usability engineering file itself
ISO 13485
What we do in delivery
Work to your controlled processes and your regulatory partner's
The artefact we produce
Controlled documents, inputs to your design history file
What your QMS owns
The quality system itself and the regulatory process
ISO 14971
What we do in delivery
Software risk analysis feeding your risk file
The artefact we produce
Hazard and mitigation records
What your QMS owns
The risk management file

The same model holds beyond medical devices. In finance, Sage acquired the accounting software we built and kept us on. Our heavier regulated-financial work sits under partner agreements we cannot show. We build to the standard that applies, under your quality system.

See how we build medical device software →
§ 05 · Selected work
The clients we can name.

Work we can put our name to.

Safran Morpho · Idemia

Biometric identity at national scale

Identity engineering for Safran Morpho and Idemia, on a UK government programme.
Broadcaster

RTÉ

Built and ran the RTÉ News apps for over ten years. Still a supplier today.
Retail

Musgrave / Centra

Built and ran the Centra app, Ireland's largest convenience chain, for years. Still a supplier to Musgrave, Centra's parent, today.
Telecoms

Eir

Built and maintained products across several engagements for the former national telecoms operator.
Tourism

Fáilte Ireland

Built and maintained the official Fáilte Ireland app for a number of years.
Accounting software

Sage

Acquired the accounting software we built and kept us on.
Behind the agencies

Momentum Design Lab · Isobar

We have been the development team behind global agencies. Their end clients are theirs to name, not ours.
§ 06 · From our own audit record
40+ takeovers · since 2012

What we find when we open other people's code.

Since 2012 we have opened and assessed more than forty codebases other people built. The same faults keep turning up. Here are four of the ones we see most.

Frequency is our own estimate. A senior team's honest read across the work, in bands, not counted figures.

The finding
How often
Hardcoded secrets
Passwords, keys and database logins written straight into the source, and committed into the history where they live forever.
Very common
Broken access control
Parts of the system with no login check. Anyone who reaches the server can do the thing.
Common
Happy path only
No handling for the third-party call that fails, the payment that times out, the request that half-completes.
Very common
Runs in a demo, falls apart in production
AI-built code that looked grand on screen, with nobody who understood production ever looking at it.
Nearly alwaysin AI-built work
One we opened

On one system we took over, a messaging token and a cloud key were sitting in the source and committed into the version history, where they live forever. Files that should have been private were in storage left open to the public internet. We rotated every key, locked the storage down, and wrote the data-handling paperwork that had never existed.

A note on confidentiality

Every example here is altered or combined so no client, system or project can be recognised, and we never name clients. What we find in yours stays between us.

§ 07 · Common questions

Straight answers.

Who does medical device software development to IEC 62304?
We do. We build medical device software to IEC 62304 and IEC 62366-1, under your ISO 13485 quality system, with our software risk analysis feeding your ISO 14971 risk file. We have shipped regulated, connected products since 2012. ResMed is the proof.
Do you build new products and systems, or only rescue them?
Yes, and building is most of what we do. We design and build products, customer portals and operational systems, start to finish. Direct clients include RTÉ, Musgrave / Centra, Eir and Fáilte Ireland, and Sage acquired the accounting software we built and kept us on.
Can you do technical due diligence for a startup before a raise?
Yes. Our Readiness Audit is a fixed-scope technical due diligence. We read the codebase the way an investor's reviewer will, then give you a decision memo and a remediation roadmap you can act on before the room does.
Do you do software project rescue?
Yes. We take over stalled, broken, inherited or AI-built codebases. We start with a fixed-scope triage and a written go-forward plan, then bring it to a maintainable, production-ready standard. It is our history, not a side line.
Can you make an AI-built app production-ready?
Yes. We harden AI-built and inherited code for real users, payments and regulated data. We sell the engineering, not the AI.
Are you offshore?
No. Senior engineers, based in Ireland, in the EU. No subcontracting, no offshore hand-off. The people who scope your work are the people who build it, and we overlap your US morning.
Can you work under our quality system?
Yes. We build to your quality management system and your regulatory partner's process. We build the software to the standard that applies.
§ 08 · Honest

When we're not the right fit.

Naming who we're not for is how you know the rest is true.

·If price is the only thing that matters. We're not the cheapest, and we won't pretend to be.
·If you want a band-aid on a broken build. We'll tell you what needs rebuilding, and we'll walk if you won't let us do it properly.
·If you need the comfort of a big name. We're a senior firm, not a big brand. That's the point of us.
·If it's a pure AI project with no product to build. That's our sister brand, Deep Purple AI. We'll point you there.
·If it's a transformation programme across a big enterprise or a multinational. That's big-consultancy work, and it isn't us.
§ 09 · Who you'll work with

Senior engineers, not a sales layer.

You will work with the people who do the work. Here is who. Short, checkable bios, so you can verify us before you ever get on a call.

Brian Egan

Brian Egan

Founder & CEO

Brian started in neural network research at Dublin City University, then held a Marie Curie Research Fellowship from the European Commission, researching in Germany. He spent eight years building on-device software for the world's largest mobile operators, founded Purpledecks in 2012, and co-founded Reactable.

Scopes the engagement and sets the technical direction.

LinkedIn →
Barry Gough

Barry Gough

CTO

Barry holds an MSc in Computer Science from University College Dublin, with machine learning at its core, and has spent more than 15 years building production software. He came up through native mobile and backend engineering, led delivery on regulated and connected-device work, and co-founded Reactable.

Leads the engineering on every build.

LinkedIn →

Behind them is a senior core of engineers, product and delivery people. Barry leads the engineering on every build. No hand-offs.

Note

Purpledecks and Deep Purple AI are two brands of the same company, Purpledecks Ltd. Purpledecks is the software engineering brand: product build, rescue, and regulated, connected-device work. Deep Purple AI markets AI implementation for established businesses. The same senior team is behind both.

Start here

Bring us the part that has to work.

Most of our work starts with a conversation, or a scoped Readiness Audit. Both are a straight, senior read on where you actually are.

Start a conversation Book a Readiness Audit →
A senior engineer replies. No handoffs, no sales layer.
For rescue work: NDA first. Your code stays in your repositories. We work in your environment.
PURPLEDECKS
53.7°N -7.8°W · IRELAND
EST. 2012 · EU
hello@purpledecks.com
linkedin.com/company/purpledecks