Privacy Policy

Last Updated: January 5, 2026

1. Introduction

PawIQ ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App") and related services.

This policy is designed to comply with the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA) and applicable US state privacy laws (including CCPA/CPRA).

2. Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device.

2.1. Information You Provide to Us

• Account Data: Email address, name, and password (encrypted) when you register.
• Pet Data: Name, breed, age, weight, and health logs of your dog.
• User Content: Photos of your dog, photos of dog stool or vomit uploaded for analysis, and behavioral notes.
• Support Data: Information sent when you contact customer support.

2.2. Information Collected Automatically

• Device Information: Device type, operating system, unique device identifiers (e.g., IDFA or Android ID), and mobile network information.
• Usage Data: Interaction with the App, features used, and time spent.
• Purchase History: Subscription status and transaction history (processed via App Store/Play Store).

3. How We Use Your Information

We use your data for the following purposes:

• Service Provision: To provide the AI health analysis, track your dog's health trends, and manage your account.
• AI Analysis: To process images using Artificial Intelligence to generate health insights.
• Gamification: To track streaks, award badges, and manage rewards.
• Notifications: To send reminders (e.g., "Log your dog's health") and system updates.
• Improvement: To analyze usage trends and improve the accuracy of our AI models.
• Legal Compliance: To comply with applicable laws and regulations.

4. Legal Basis for Processing (GDPR)

If you are from the EEA, our legal basis for collecting and using the personal information described above depends on the Personal Information concerned and the specific context in which we collect it:

• Performance of a Contract: To provide the App services to you (e.g., analyzing a photo you uploaded).
• Legitimate Interests: For improving our services and fraud prevention.
• Consent: For sending promotional emails or push notifications (which you can withdraw at any time).
• Legal Obligation: To comply with tax or accounting laws.

5. Disclosure of Your Information & Third-Party Service Providers

We do not sell your personal data. We share data with trusted third-party service providers who assist us in operating the App. These partners are bound by confidentiality agreements and data processing agreements (DPAs).

5.1. Infrastructure & Hosting

• Hetzner Online GmbH (Germany/EU): We use Hetzner for secure cloud hosting and database storage. Your data is primarily stored in data centers located within the European Union.

5.2. Artificial Intelligence

• OpenAI, L.L.C. (USA): We use OpenAI's API to analyze images (stool/vomit) and generate health reports. Images are transmitted securely to OpenAI for processing. OpenAI does not use data submitted via their API to train their models by default.

5.3. Payments & Subscriptions

• RevenueCat (USA): We use RevenueCat to manage subscription infrastructure. They handle the validation of receipts from Apple and Google. We do not store your credit card information; payments are processed directly by the Apple App Store or Google Play Store.

5.4. Push Notifications

• Expo (USA) / Apple APNS / Google FCM: We use these services to deliver push notifications to your device. This requires processing your device token.

6. International Data Transfers

Some of our service providers (e.g., OpenAI, RevenueCat) are located outside the European Economic Area (EEA), specifically in the United States. We ensure that such transfers are protected by appropriate safeguards, such as the EU-US Data Privacy Framework or Standard Contractual Clauses (SCCs) approved by the European Commission.

7. Data Retention

We retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy.

• Account Data: Retained until you delete your account.
• Analysis Data: Retained to provide you with history logs.
• Deletion: You can request deletion of your account and all associated data directly within the App settings. Upon deletion, data is removed from our active databases immediately.

8. Your Data Protection Rights

8.1. GDPR (EEA/UK Users)

You have the right to:

• Access: Request copies of your personal data.
• Rectification: Request that we correct any information you believe is inaccurate.
• Erasure: Request that we erase your personal data ("Right to be forgotten").
• Restrict Processing: Request that we restrict the processing of your personal data.
• Data Portability: Request that we transfer the data that we have collected to another organization, or directly to you.

8.2. US Privacy Rights (CCPA/CPRA etc.)

Depending on your state of residence, you may have the right to:

• Request disclosure of the categories and specific pieces of personal data collected.
• Request deletion of your personal data.
• Opt-out of the "sale" of personal data (Note: We do not sell your data).
• Non-discrimination for exercising your privacy rights.

9. Children's Privacy

Our Service does not address anyone under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personally identifiable information from children. If we discover that a child has provided us with personal data, we delete it immediately.

10. Security

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

PawIQ Privacy Team Email: privacy@thepawiq.com