Privacy Policy

Effective Date: 2026-01-11

1. Information We Collect

a. Personal Information

  • Name, email address, and contact details
  • Payment and billing information (for subscriptions)
  • Account credentials and profile preferences

b. Pet-Related Information

  • Pet name, breed, age, and medical history
  • Behavioral and wellness data provided by you
  • AI-driven health and activity assessments

c. Usage & Device Data

  • Device information, browser type, IP address
  • Interaction with features and services
  • Cookies and tracking technologies
  • Health and activity data from connected devices (e.g. smart collars, wearables)

d. Children's Data

Our services are intended for users who are at least 13 years old (16 in the European Union). We do not knowingly collect personal data from individuals below these age thresholds. If we discover we have inadvertently collected such data, we will delete it promptly.

2. Product Analytics & Your Choices

We collect product analytics to understand how you use Petto Health and improve your experience. You can opt out of product analytics at any time in your Account Settings > Privacy & Data.

What We Track (With Your Consent)

When product analytics are enabled, we collect:

  • Feature usage: Which features you use and how often (e.g., "User viewed Wellness Plan 3 times this week")
  • Page visits: Which pages you navigate to and how long you spend on them
  • User journey: How you navigate through the app and which workflows you complete
  • Technical information: Browser type, device type, screen resolution, and performance metrics

This data helps us understand which features are valuable and which need improvement.

What We DON'T Track (Even with Analytics Enabled)

  • ❌ Your conversations with Petto Intelligence (100% private, never logged or analyzed)
  • ❌ Pet health records, medical documents, or health information
  • ❌ Anything that could identify your specific pets or their conditions
  • ❌ We never sell your data to third parties

Essential Technical Data (Tracked Even With Opt-Out)

Even if you opt out of product analytics, we continue to collect minimal essential technical data under our legitimate interest in maintaining service quality, security, and contractual obligations. This includes:

Subscription & Billing:

  • Subscription lifecycle events (payments, upgrades, downgrades, cancellations)
  • Payment failures and retry attempts
  • Feature limit enforcement (e.g., when you reach your tier's pet or reminder limit)

Security & Fraud Prevention:

  • Content moderation events (jailbreak attempts, inappropriate content detection)
  • Security incidents (failed logins, suspicious activity patterns)
  • Rate limiting violations and abuse detection
  • System performance monitoring for service reliability

Why We Track This:

  • Subscription events are necessary for billing, revenue recognition, and enforcing your subscription tier limits
  • Security events are required to protect you and other users from abuse, fraud, and malicious activity
  • Performance monitoring ensures we can maintain service quality and fix issues affecting your experience

This essential data collection is permitted under GDPR Article 6(1)(f) (legitimate interests) and is necessary for:

  • Performing our contract with you (subscription management)
  • Protecting the security and integrity of our service
  • Complying with legal obligations (fraud prevention, financial reporting)

All essential events are flagged in our analytics system and can be audited for compliance purposes.

How to Opt Out

To disable product analytics:

  1. Go to Account Settings > Privacy & Data
  2. Toggle "Disable product analytics"
  3. Your preference is saved immediately

You can re-enable analytics at any time using the same toggle.

3. How We Use Your Information

  • To provide and improve our AI-powered pet wellness services
  • To personalize recommendations for preventative care and behavioral wellness
  • To train and improve our AI algorithms using aggregated, de-identified data
  • To provide AI-generated insights and nudges based on your pet's profile
  • To process payments and manage subscriptions
  • To communicate updates, promotions, and service notifications
  • To comply with legal obligations and enforce our terms

4. Sharing of Information

  • With Service Providers: Payment processors, customer support, and cloud hosting services
  • With Third-Party Integrations: Insurance providers, veterinarians, e-commerce partners
  • With Your Consent: We may share personalized pet data with third parties only if you explicitly authorize it.
  • Legal Compliance: If required by law, legal process, or to protect rights

Analytics Services

We use PostHog for product analytics (when not opted out). PostHog is a privacy-focused analytics platform that:

  • Stores data in the United States
  • Complies with GDPR requirements
  • Does not sell your data to third parties
  • Supports our opt-out functionality

Even if you opt out of product analytics, essential technical events (described in Section 2) are still sent to PostHog for service operation purposes.

Learn more: PostHog Privacy Policy

5. Data Security & Retention

We implement industry-standard security measures to protect your data. We retain your data as long as your account is active or as needed to provide services. You may request deletion at any time.

Analytics Data Retention

  • Product analytics data: Retained for up to 2 years for trend analysis and product improvement
  • Essential technical data: Retained for up to 7 years for:
    • Subscription/billing records (required for accounting and tax purposes)
    • Security incidents (required for fraud prevention and legal compliance)
    • Performance monitoring (retained for 90 days for operational purposes)

6. Your Rights & Choices

  • Access & Correction: You may request access to or correction of your personal data.
  • Marketing Opt-Out: You can opt out of marketing communications at any time.
  • Analytics Opt-Out: You can disable product analytics tracking in Account Settings > Privacy & Data. This will stop tracking of your behavior, feature usage, and navigation patterns. Essential technical data (subscription, security, performance) will continue to be processed under our legitimate interest as described in Section 2.
  • Data Deletion: You may request the deletion of your account and associated data.

Right to Object to Processing

You have the right to object to our processing of your data for product analytics purposes. You can exercise this right by:

  • Opting out of product analytics in Account Settings > Privacy & Data
  • This will stop tracking of your behavior, feature usage, and navigation patterns
  • Essential technical data (subscription, security, performance) will continue to be processed under our legitimate interest

If you wish to object to the processing of essential technical data, please contact us at privacy@petto.health to discuss your specific concerns. Note that some essential processing may be required to provide the service or comply with legal obligations.

7. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and UK, we process your data based on the following legal grounds:

GDPR Consent Model

Our opt-out model for product analytics is a valid consent mechanism under GDPR. By default, analytics are enabled to help us improve the product, but you can withdraw consent at any time in Account Settings > Privacy & Data. Essential technical data processing continues under legitimate interest (Art. 6(1)(f)) as detailed below.

Data Type Legal Basis Purpose
Product Analytics Consent (opt-out model) Product improvement, feature prioritization, user experience optimization
Essential Technical Data Legitimate Interest (Art. 6(1)(f)) Service operation, security, fraud prevention, contractual obligations
Subscription/Billing Contract Performance (Art. 6(1)(b)) Processing payments, enforcing tier limits, revenue recognition
Security Events Legitimate Interest + Legal Obligation Protecting users, preventing fraud, complying with security requirements

8. International Users

If you access our services outside the U.S., you agree to data transfers as necessary to provide our services in accordance with this policy. We implement appropriate safeguards for international data transfers, including Standard Contractual Clauses (SCCs) where required by law.

9. Cookies & Tracking

We use cookies and similar tracking technologies to improve your experience, analyze app usage, and provide personalized content.

In the Petto Health app: You can control product analytics tracking in Account Settings > Privacy & Data as described in Section 2.

On our marketing website: We collect minimal session data for basic site functionality. You can adjust cookie preferences in your browser settings.

10. Governing Law

This Privacy Policy is governed by the laws of the State of Delaware. Any disputes related to this policy shall follow the same arbitration process outlined in our Terms & Conditions.

11. Updates to This Policy

We may update this policy from time to time. Continued use of our services after updates constitutes acceptance. We will notify users of material changes via in-app alerts or email.

For questions, contact hello@petto.health.