BPetit Privacy Policy

The Service is operated under the name BPetit. For the purposes of GDPR, BPetit is the data controller of the personal information described in this Policy — meaning we decide why and how your information is processed.

You can reach us about anything in this Policy, or to exercise your privacy rights, by email at support@bpetit.com. This is the primary contact point for all privacy questions, rights requests, and complaints.

We collect only the information needed to run the Service. Below is a precise, grouped inventory of what we hold.

Account and identity data. Your email address (used by our authentication provider to manage sign-in; your password is hashed by that provider and is never stored in plain text by us), a unique account identifier, your account creation date, and a display name (by default derived from your email prefix at sign-up). You may optionally add a phone number, a postal address, and a profile picture (either an uploaded avatar or a preset avatar identifier).

Age-verification and consent data. Your date of birth (full date, used to confirm you are at least 18) and an age-verified flag; the timestamp at which you accepted this Policy and our Terms, and the version of those documents you accepted. We use this to apply our 18+ requirement and to record your acceptance. Note that this is self-declared date of birth, recomputed on our servers — it is an age check based on what you provide, not document- or identity-based age verification.

Pet profiles. For each pet you add: name, species, breed, date of birth, photo, microchip number, spay/neuter status, allergies, known health conditions, a generated QR code for lost-pet lookup, a lost-pet flag, and a microchip-findable opt-in flag.

Pet health records. Weight records; vaccinations (vaccine name, dates, provider, optional certificate, reminder settings); vet visits (date, clinic, veterinarian, reason, diagnosis, notes); medications (name, dosage, frequency, timing, meal relation, start/end dates, reminder times) and individual dose logs (scheduled time, taken/skipped status, notes); and uploaded documents (file name, category, file size, MIME type, and the stored file).

AI assistant (PetitPal) data. The messages you send to and receive from PetitPal, stored as your conversation history, optionally linked to a specific pet; short factual notes ('pet memories') that may be extracted from those conversations; and a server-side log of your AI request counts used to enforce usage limits. See Section 6 for details.

Training plans. Plans you create or generate for a pet, including titles, descriptions, and step lists with completion status.

Community and social data. Posts (text, optional images, topic tag, reaction and comment counts), comments, reactions ('paws'), the pets you follow, content reports you submit (reason and optional note), and a profile-visibility setting (public, followers, or private). Images you attach to community posts are stored in a dedicated private storage bucket. Moderation flags may also be associated with content.

Emergency and lost-pet data. Emergency contacts you save for a pet (type, name, phone, address, notes). When someone finds your pet through a QR code or microchip lookup, the finder may submit a found-pet report containing their name, a phone number and/or email, a free-text description of where the pet was found, and a message. The finder's location is free text only — we do not collect GPS coordinates or any precise geolocation. (See Section 6A for the notice that applies to finders.)

Subscription and billing data. Your subscription tier and status, expiry/period dates, cancellation flags, and identifiers issued by our payment processor (a customer ID, subscription ID, and price ID). We do not collect or store your card number or other payment-method details — those are handled directly by our payment processor (see Section 8).

Notification data. Your notification preferences (medication, vaccination, appointment, email, and push toggles) and, if your browser grants permission for push notifications, your browser's Web Push subscription (an endpoint and cryptographic keys) used to deliver them. We also maintain an internal queue of pending notifications (recipient, type, title, body, scheduling and delivery status).

Administrative and moderation data. An admin flag, an optional account-suspension timestamp set by our moderators, and a flag tracking whether a welcome email was sent. Reports you submit and any moderation decisions (status, reviewing moderator, internal reviewer notes, and review time) are retained for safety and record-keeping.

Technical and usage data. Like any online service, our infrastructure providers automatically record technical information when you use the Service — for example, server and access logs that can include your IP address, the pages or endpoints requested, timestamps, and basic device/browser information. We also keep a server-side log of AI request counts (described above) to enforce usage limits. We use this data to operate, secure, and troubleshoot the Service. We do not use it for advertising or cross-site tracking.

For California residents (and as a clear summary for everyone), the table below maps the statutory categories of personal information under the CCPA/CPRA that we have collected in the preceding 12 months to their sources, the business purpose for collecting them, and the categories of recipients with whom we disclose them. We do not sell or 'share' (for cross-context behavioral advertising) any category.

• Identifiers (email, account ID, display name, optional phone/postal address, IP address) — Source: directly from you and automatically from your use of the Service. Purpose: account creation, authentication, communication, security. Recipients: Supabase (database/auth), Resend (email), Vercel (hosting/logs).
• Customer records / commercial information (subscription tier and status, billing periods, payment-processor identifiers) — Source: from you and from our payment processor. Purpose: providing and managing subscriptions. Recipients: Paddle (payments), Supabase.
• Internet or other electronic network activity (server/access logs, AI request-count logs, push subscription metadata, notification queue) — Source: automatically from your use of the Service. Purpose: operating, securing, and rate-limiting the Service; delivering notifications. Recipients: Vercel, Supabase, your browser's push service.
• Sensitive personal information (account credentials) (your login email and the password handled by our authentication provider) — Source: from you. Purpose: authenticating you. Recipients: Supabase (auth). We use this only to provide the Service and do not use it to infer characteristics.
• User-generated content and other information you provide (pet profiles and health records, AI conversations, community posts/comments, emergency contacts, uploaded photos and documents) — Source: from you and, for found-pet reports, from finders. Purpose: delivering the pet-health, AI, community, and lost-pet features. Recipients: Supabase (storage/database); DeepSeek (only the AI messages and pet context you submit to PetitPal); other users where you choose to make content visible.

We do not knowingly collect the categories the CCPA defines as 'geolocation data' (precise location), 'biometric information', 'professional or employment information', 'education information', or 'inferences drawn to create a profile'. The 'date of birth' we collect is used solely for the 18+ age check and consent records.

• To provide your account and the Service — authenticate you, maintain your profile, and store and display your pets' records so you can access them across devices.
• To manage pet health records — let you record and view vaccinations, vet visits, medications, weight, and documents.
• To send reminders and notifications — deliver medication, vaccination, and appointment reminders, found-pet alerts, and account or system messages by email and/or web push, according to your preferences.
• To power PetitPal — process the messages you send to generate AI responses, retain your conversation history, and surface relevant pet facts (see Section 6).
• To operate the lost-pet finder — generate QR codes, allow microchip-based lookup of pets that have opted in, accept found-pet reports, and relay finder contact details to the pet's owner.
• To run community features — publish your posts and comments, show reactions and follows, and apply your profile-visibility setting.
• To manage subscriptions and billing — determine your tier, gate premium features, and let you manage or cancel your subscription via the payment processor's customer portal.
• To keep the Service safe and lawful — enforce our Terms, apply content moderation (including an automated banned-words filter and user reporting), prevent abuse, enforce AI usage limits, and apply account suspensions where necessary (see Section 6B on automated processing).
• To meet legal obligations — apply our 18+ requirement, record consent, and respond to lawful requests.

Where GDPR applies, we rely on the following legal bases:

• Performance of a contract (Article 6(1)(b)) — to create and maintain your account, store and display your pets' records, run the lost-pet finder and community features you use, deliver the reminders you have enabled, and provide and manage your subscription.
• Consent (Article 6(1)(a)) — for any optional processing that requires it. You may withdraw consent at any time (see Section 12); withdrawal does not affect processing already carried out.
• Legitimate interests (Article 6(1)(f)) — to secure the Service, prevent abuse and fraud, moderate community content, enforce AI usage limits, deliver service-related notifications, and maintain and improve the Service, balanced against your rights and freedoms.
• Legal obligation (Article 6(1)(c)) — to apply our 18+ age requirement, maintain consent records, and respond to lawful requests or comply with applicable law.

When you use PetitPal, the messages you send — together with relevant context such as the pet's name, species, and health details you have recorded — are transmitted to our AI provider, DeepSeek, whose servers process them to generate a reply. DeepSeek operates from China, which has not received an EU adequacy decision, and DeepSeek does not disclose to us how long it retains the content it receives or how it uses it. We do not control DeepSeek's data practices, which are governed by DeepSeek's own policies. See Sections 7 and 10 regarding international transfers.

Within BPetit, your PetitPal conversations are retained as your conversation history for 90 days from the time each conversation is created, after which they are automatically deleted from our database. You can also delete any conversation yourself at any time within the Service. We may extract short factual notes from conversations ('pet memories') to improve future answers about your pet; you can remove these by deleting the related conversation or pet.

This section is addressed to finders — members of the public who use a pet's QR code or microchip lookup to report that they have found a pet. It is not aimed at BPetit account holders.

If you submit a found-pet report, we collect the name you provide, a phone number and/or email (at least one is required so the owner can reach you), a free-text description of where you found the pet, and any message you write. We do not collect your precise location or GPS coordinates.

We use this information for the single purpose of relaying it to the pet's owner so they can contact you and recover their pet — our legitimate interest (and yours) in reuniting lost pets. Your contact details are shared only with that pet's owner, through an in-app notification and the alert email we send them; they are not published publicly and are not used for marketing. We keep found-pet reports while they remain useful to the owner and as described in our retention schedule (Section 11). To ask about, access, or delete a report you submitted, email support@bpetit.com.

We use limited automated processing in two places: (1) PetitPal extracts short factual notes ('pet memories') from your AI conversations, and (2) new community posts and comments pass through an automated banned-words filter that can reject content containing a small list of prohibited terms, and content can be flagged for review.

These automated steps do not produce legal or similarly significant effects about you by purely automated means within the meaning of GDPR Article 22. Decisions that meaningfully affect your account — such as flagging content for action, removing content, or suspending an account — involve a human moderator's review rather than a solely automated decision. Account suspensions are time-limited and applied by a moderator. If you believe content was wrongly removed or your account wrongly restricted, contact support@bpetit.com.

The health records in BPetit relate to animals, not humans, and so are generally not 'special category' personal data under GDPR. Even so, we recognize this information is important and personal to you, and we apply the same security and access controls (see Section 13) to it as to the rest of your data. Health records are visible only to you unless you choose to share them — for example by posting in the community or marking a pet as findable. You decide what you record and what, if anything, you share. Be aware that any pet details you discuss with PetitPal are transmitted to our AI provider as described in Section 6.

We share information only with the service providers ('processors'/'subprocessors') below, each strictly to perform the function described, and with other users only where you choose to make content visible to them:

• Supabase — our core database, authentication, and file storage provider. Hosts your account data, pet profiles, health records, uploaded avatars, pet photos, community post images, and documents, community content, AI conversation history, push subscriptions, and subscription metadata. Hosted in Ireland (EU).
• Paddle — our payment processor and merchant of record for subscriptions. Receives subscription and billing data and handles your payment-method details directly; we store only Paddle-issued identifiers, not your card data.
• DeepSeek — our AI provider. Receives the PetitPal messages and pet context you submit, in order to generate responses (see Section 6). Operates from China; retention undisclosed.
• Resend — our transactional email provider. Receives the email address and message content needed to send reminders, welcome emails, and found-pet alerts (which include the finder's contact details you would otherwise see in-app). US-based.
• Web Push delivery (VAPID / your browser's push service) — if push permission is granted in your browser, notification payloads are delivered through your browser vendor's push service to your device. We do not use Firebase Cloud Messaging.
• Vercel — our hosting and serverless/cron infrastructure provider. Application traffic transits Vercel's network (which may generate operational logs), and scheduled jobs trigger reminder processing.

Fonts. Our website typefaces (Inter and Poppins) are self-hosted and served from our own infrastructure at build time; under our current configuration your browser does not make a runtime request to Google's font servers to load them. If this changes, we will update this Policy.

We may also disclose information where required by law, to enforce our Terms, to protect the rights, safety, or property of BPetit, our users, or the public, or in connection with a sale or transfer of the Service or our business, in which case we will require the recipient to honor this Policy.

Information visible to other people. Content you choose to make public (such as community posts) is visible to other users according to your profile-visibility setting. When someone finds your lost pet and submits a report, their contact details are shared only with you, the pet owner; finders are never given your identity by us.

Subscription payments are processed by Paddle, which acts as the merchant of record. Paddle collects and processes your payment-method details directly and is responsible for that data under its own privacy terms. BPetit stores only the subscription tier, status, period dates, cancellation flags, and the identifiers Paddle issues to link your account to your subscription. You can manage or cancel your subscription through Paddle's customer portal, which we make accessible from your account.

BPetit serves a global audience, and some of our providers are located outside your country, including outside the EU/UK. Our email provider (Resend) is US-based and our AI provider (DeepSeek) operates from China; our database (Supabase) is hosted in Ireland (EU).

Where we transfer personal data from the EEA, UK, or Switzerland to a country that has not received an adequacy decision, we work to put in place appropriate safeguards — such as the European Commission's Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable) — together with additional measures where needed.

We keep personal information only as long as we need it for the purposes described in this Policy. The following schedule sets out, by category, the retention period or the criteria we use to determine it:

• Account, profile, pet, and health records — retained while your account is active; deleted when you delete your account (see Section 12), except where a longer period is required by law.
• PetitPal conversations and extracted pet memories — automatically deleted 90 days after each conversation is created, or sooner if you delete the conversation; pet memories are removed when the related conversation or pet is deleted.
• Consent and age-verification records (acceptance timestamp, policy version, age-verified flag, date of birth) — retained for the life of the account and, after deletion, only as long as needed to evidence that we met our legal obligations, then deleted.
• Subscription and billing records — retained while your account is active and thereafter only as long as needed to meet financial, tax, and accounting obligations.
• Community content, reactions, follows, and reports — content is deleted with your account; moderation reports and reviewer notes may be retained somewhat longer where needed for safety, abuse-prevention, and record-keeping, then deleted.
• Notification queue entries — short-lived; retained only until a notification is delivered or expires, then cleared in routine maintenance.
• Found-pet reports — retained while useful to the owner and deleted with the owner's account; finders may request earlier deletion (Section 6A).
• Technical and operational logs (server/access logs, AI request-count logs) — retained for a limited period for security, debugging, and abuse-prevention, then deleted or aggregated; logs held by our infrastructure providers follow their own short retention windows.
• Backups — data may persist in encrypted, time-limited backups for a short period after deletion before those backups are overwritten on their normal cycle.

Where we cannot give a fixed period, we determine retention by the criteria above — principally the duration of your account, the purpose for which the data was collected, and any legal, tax, or dispute-resolution obligation that requires us to keep it.

Exporting your data. You can download a copy of much of your data at any time from Settings → Account → Data Export. The automated export is a JSON file containing your account details, your profile, and your pets together with their vaccinations, medications, vet visits, and weight records.

Deleting your account. You can delete your account at any time from Settings → Account. For your security, deletion requires re-entering your password. When you delete your account, we remove your authentication record and, by cascading deletion, your linked profile, pets, health records, documents, AI conversations, pet memories, training plans, community posts and comments, follows, reactions, reports, subscriptions, and queued notifications. We also purge the files you uploaded across all of our storage areas — avatars, pet photos, documents, and community post images, including files held in nested folders.

After deletion, limited information may persist for a short time in operational logs and encrypted backups (as described in Section 11) for security and compliance purposes, and we may retain the minimum necessary to comply with legal obligations or to resolve disputes, after which it is deleted.

We take reasonable and appropriate technical and organizational measures to protect your information. These include encryption in transit (HTTPS/TLS), row-level security in our database so that you can access only your own records, private storage buckets for avatars, pet photos, community post images, and documents that are not readable by anonymous users, password hashing handled by our authentication provider, server-side enforcement of the 18+ age check and AI usage limits, and controls that prevent users from escalating their own privileges. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Breach notification. If a personal-data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where required by law (for example, under GDPR Article 34), notify affected users without undue delay — describing what happened, the likely consequences, and the steps we are taking and that you can take. We maintain internal procedures to detect, assess, and respond to incidents.

If you are in the EU, UK, or another GDPR jurisdiction, you have the right to: access your data; rectify inaccurate data; erase your data ('right to be forgotten'); restrict or object to certain processing; data portability; and to withdraw consent at any time where we rely on it. You can exercise some of these directly in the app (edit your profile, export the data covered by the automated export, or delete your account); for the full scope of these rights — including access to categories not yet covered by the automated export — contact us.

If you are a California resident, you have the right to know what personal information we collect and how we use it (see the categories table in Section 3); to access and delete it; to correct inaccurate information; to opt out of the sale or sharing of personal information; and to limit the use of sensitive personal information. As noted above, we do not sell or share your personal information for cross-context behavioral advertising, so there is nothing to opt out of in that respect, and we use the limited sensitive personal information we hold (your login credentials) only to provide the Service. You also have the right not to be discriminated against for exercising any of these rights.

To make a request, email support@bpetit.com. We will verify your identity before acting and will respond within the timeframes required by applicable law — generally within one month under GDPR (extendable for complex requests) and within 45 days under the CCPA/CPRA (extendable by a further 45 days where permitted). You may use an authorized agent where the law allows.

We use only strictly necessary cookies and similar local storage to run the Service. We do not use third-party advertising, analytics, or cross-site tracking cookies, and there are therefore no non-essential cookies for you to reject. The storage we use falls into these categories:

• Authentication / session — set by our authentication provider (Supabase) to keep you signed in and maintain your session. Typically lasts for the duration of your session and the validity period of your login token, and is renewed as you continue to use the Service.
• Core functionality / service worker — local storage used by the service worker that supports push notifications and offline-style behavior. Persists on your device until you clear it or unregister the service worker.
• Security / CSRF and routing preferences — short-lived values used to protect requests and to remember basic preferences such as your language/locale. These last from the current session up to a limited period.

Because all of the above are strictly necessary to deliver the Service you have requested, we rely on that legal basis rather than consent. You can manage or clear cookies and local storage through your browser settings, but disabling essential storage may prevent you from signing in or using parts of the Service.

Push notifications are delivered only if your browser or device grants push permission. When that permission is granted and you have push enabled in BPetit, we store your browser's push subscription so we can deliver reminders and alerts. You can turn notifications on or off at any time in Settings → Notifications (where you control medication, vaccination, appointment, email, and push toggles), and you can also revoke notification permission directly in your browser or device settings, which stops delivery.

We apply this at sign-up: you must provide a date of birth, and we re-check eligibility on our servers so the requirement cannot be bypassed by altering the page. This is a self-declared age check rather than identity- or document-based verification. The Service is not directed to children, and we do not knowingly collect personal information from anyone under 18. If we learn that we have collected information from a person under 18, we will delete it. If you believe a minor has provided us information, contact support@bpetit.com.

We may update this Policy from time to time. When we do, we will revise the 'Last updated' date and policy version above. For material changes, we may also notify you within the Service or by email and, where the change affects the basis on which you agreed to our terms, we may ask you to re-confirm your acceptance. We record the policy version you accepted so we can identify when re-confirmation is needed; if you accepted an earlier version, you may be asked to review and accept this one. Your continued use of the Service after an update takes effect means you accept the revised Policy.

If you have questions about this Policy or how we handle your information, or to exercise your rights, contact us at support@bpetit.com.

If you are in the EU or UK and believe we have not handled your data properly, you have the right to lodge a complaint with your local data protection supervisory authority (for example, your national Data Protection Authority in the EU, or the Information Commissioner's Office in the UK). We would, however, appreciate the chance to address your concerns first.