Privacy Policy

• Full name
• Email address
• Password (stored in encrypted form, never in plain text)

• Pet name, species, breed, date of birth or approximate age
• Gender and weight
• Pet photo (optional)
• Known medical conditions, allergies, medications (only what you choose to enter)

• Events you create (vaccinations, vet visits, grooming, etc.)
• Dates, notes, and reminders you set
• Completion status of events

• Photos you submit for AI analysis (stored in Cloud Storage in the EU)
• The area of concern you select (Skin, Eyes, Ears, Paws)
• The duration you select (less than 24 hours, 2-7 days, 1+ week)
• Optional description of symptoms you provide (max 200 characters)
• The AI-generated assessment output (confidence score, risk level, summary, recommendations)

AI analysis is optional. If you do not use the AI Health Check feature, no photos are sent for AI processing.

• Device type and operating system version
• App version
• Anonymous usage analytics (screens visited, features used)
• Crash reports and error logs
• Push notification token (for sending reminders)

Before any photo is sent to our servers for AI analysis, a lightweight machine learning model runs locally on your device (using TensorFlow Lite on Android or Core ML on iOS) to verify that a pet is present in the photo. This local processing happens entirely on your phone — no data is transmitted for this step. If no pet is detected, you will be asked to retake the photo or confirm sending it anyway.

We may disclose your data if required to do so by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

Your data is stored on Google Cloud servers in the europe-west1 region (Belgium). This applies to:

• Firestore database (account data, pet profiles, calendar, AI diagnoses)
• Cloud Storage (photos submitted for AI analysis)
• Vertex AI processing (Gemini model runs in europe-west1)
• Cloud Functions (AI analysis backend)

Data does not leave the European Union during normal processing. Google LLC provides appropriate safeguards under Standard Contractual Clauses approved by the European Commission for any residual administrative access.

• All data transmitted between the App and our servers is encrypted using TLS 1.3
• All data at rest is encrypted (AES-256) by Google Cloud default encryption
• Passwords are hashed and never stored in plain text
• Firebase Security Rules restrict data access — users can only read their own data
• AI diagnoses and photos cannot be written directly by the client — only through authenticated Cloud Functions
• API credentials are stored in Google Cloud Secret Manager, never in client code
• We regularly review access controls and security configurations

For the AI Health Check feature, we implement additional safeguards aligned with the EU AI Act Article 15 (accuracy, robustness and cybersecurity):

• Prompt injection defense — user-provided symptom descriptions are sanitized and isolated before being sent to the AI model, with multiple pattern-based filters
• Refusal protocol — the AI model is instructed to refuse processing and return a zero-confidence response if manipulation is attempted
• Audit logging — all attempts to circumvent AI safeguards are logged for security review
• No automated decisions — AI outputs are presented to you for your consideration; no decisions are executed automatically based on AI output

No system is 100% secure. In the event of a data breach affecting your rights and freedoms, we will notify you and the relevant supervisory authority as required by GDPR (within 72 hours of becoming aware).

When you use the AI Health Check feature, you are interacting with an Artificial Intelligence system. We make this clear throughout the feature:

• A one-time disclaimer is shown before you first use the feature
• Every AI Health Check result displays a persistent disclaimer card that cannot be hidden
• Shared results include a mandatory disclaimer that the content is AI-generated

AI Health Check outputs are preliminary informational assessments only. They are not veterinary diagnoses. Always consult a licensed veterinarian for health concerns about your pet.

We use Google's Gemini 1.5 Flash model via Vertex AI (europe-west1). The model receives your photo, pet profile information, and selected context (area, duration, optional description) and returns a structured assessment. The model does not learn from individual user interactions in real time — your data is not used to modify Google's general-purpose models.

During onboarding, we ask whether you wish to help improve PetSense AI by allowing anonymized versions of your photos and analysis results to be used for training future AI models. This is optional.

If you consent:

• Your personal identifiers are removed (name, pet name, userId, petId)
• Any text description you provided is reviewed for personal information before use
• Photos are evaluated to ensure they do not contain identifiable human faces or home interiors

Withdrawing consent is simple: go to Settings → Privacy → toggle off "Help improve PetSense AI". Changes take effect immediately (GDPR Article 7(3)). Withdrawal does not affect past consent-based processing but prevents any future use.

If you disagree with an AI Health Check result or believe the assessment was inaccurate, you can:

• Contact us at info@petsense.app with the subject "AI Output Review"
• Request that the specific analysis be deleted from your records
• Provide feedback to help us improve the system

AI Health Check does not make decisions that produce legal or similarly significant effects on you. The AI provides informational output; any decision about your pet's care remains with you and your veterinarian. Because no significant automated decisions occur, GDPR Article 22 rights to human review are not directly triggered, but we still provide the mechanisms in Section 13.4 above as best practice.

We maintain technical safeguards to ensure the integrity of AI outputs (detailed in Section 7.3 above):

• Prompt injection defense at multiple layers
• Server-side validation of AI responses
• Continuous monitoring of AI output quality
• Audit logs of security events