Privacy Policy

Effective date: February 2026 · Last updated: February 2026

The short version: We store your account info and your animals' records to run the service. We don't sell your data. When you delete your account, your personal info is erased. Your animals' medical records may be retained in anonymized form for animal welfare purposes — and we'll always tell you how to get those deleted too.

1. Who We Are

AnimalID ("we," "us," or "the Company") operates animalid.app, an animal identity and health records platform based in Austin, Texas. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service.

Questions? Contact our privacy team at privacy@animalid.app.

2. What We Collect

Account Information

When you create an account: your email address, display name, and password (hashed — we never store plaintext passwords). If you sign in via a third-party provider (Google, Apple), we receive basic profile info from that provider.

Animal Profile Information

Information you enter about your animals: name, species, breed, sex, date of birth, weight, color/markings, microchip ID, notes, and photos. This is the core data the service is built around.

Health Records and Documents

Veterinary records, vaccination documents, prescriptions, lab results, and other documents you upload. This includes both the raw files (PDFs, photos) and structured data extracted from them.

Lost & Found Data

If you mark an animal as lost: the last known location, date last seen, and description. If you submit a found-animal report (no account required): your email address, the location where you found the animal, a photo, and a description.

Payment Information

We use Stripe to process payments. We never see or store your full credit card number. Stripe returns a payment token and customer ID, which we store to manage your subscription. Your full payment details are held by Stripe under their own privacy and security standards.

Usage and Technical Data

Standard web server logs: IP address, browser type, pages visited, timestamps. We use this to monitor service health and debug issues. We do not use this data for advertising targeting.

Communications

If you contact us via email or our support channels, we retain those communications to resolve your issue and improve our service.

3. How We Use Your Information

We use your information for the following purposes:

Operating the service: Creating and managing profiles, storing and displaying health records, generating QR codes, sending vaccination and medication reminders.
Lost & Found matching: Comparing photos of found animals against registered lost profiles using AI image similarity. Notifying owners when a possible match is found.
AI document processing: Extracting structured data from uploaded documents using AI. Extracted data is presented as a draft for your review and confirmation — not stored automatically.
Billing and subscriptions: Processing payments, managing subscription tiers, sending receipts and payment failure notices.
Service communications: Sending transactional emails (reminders, reunification alerts, account notices). We do not send marketing emails without your opt-in consent.
Service improvement: Analyzing aggregate usage patterns (not individual behavior) to improve features and performance.
Legal compliance: Responding to valid legal requests and maintaining records required by law.

We do not sell your personal data. We do not use your data for behavioral advertising. We do not share your data with data brokers.

4. Third-Party Services

We use a small set of trusted third-party services to operate AnimalID. Each receives only the data necessary for their specific function:

Service	Purpose	Data shared
Supabase	Database and file storage	All user and animal data (our primary data store)
Stripe	Payment processing	Email, name, billing address (for paid subscribers)
Vercel	Web hosting and infrastructure	Web traffic (IP, request logs)
Anthropic (Claude)	AI document extraction	Uploaded document content (PDFs, images) when you choose to use AI extraction

When we share data with AI providers for document extraction, documents are processed and discarded — they are not used to train AI models. We select providers whose data processing terms reflect this.

5. Data Retention — The Important Part

We distinguish between two types of data with different retention rules:

Your Personal Information

Name, email, contact details, payment information, and account credentials. This data belongs to you as a person. When you delete your account, this is permanently deleted or anonymized within 30 days.

Animal Records and Identity Data

Vaccination records, medical events, medications, microchip IDs, photos, and other health data belong to the animal — not exclusively to you. This data has independent value for animal welfare regardless of who is paying for a subscription.

If a pet is rehomed, adopted, found as a stray, or enters a shelter, their medical history (vaccination status, allergies, medications) may be critical to their care. A dog whose rabies vaccination record was deleted because their previous owner cancelled a subscription could be denied boarding, housing, or entry into the country.

For this reason, when you request account deletion, animal records are anonymized (owner information removed) but the animal's identity and health data is retained in anonymized form. Our legal basis for this retention is legitimate interest — specifically, animal welfare and public health (rabies vaccination tracking, for example).

If you want animal data deleted too: You can explicitly request complete deletion of specific animal records in a separate step during the account deletion process. We will comply with that request within 30 days.

Subscription Cancellation vs. Account Deletion

Cancelling your subscription downgrades your account to the free Companion tier. All data is retained. Nothing is deleted. Your QR codes continue to work.

Deleting your account permanently removes your personal data. This is irreversible. Animal records are handled as described above.

Deletion Request Logging

We log all deletion requests with timestamps for legal compliance purposes. This log is retained for 7 years as required for audit purposes under applicable law.

6. Your Privacy Rights

Depending on where you live, you have the following rights regarding your personal data. We honor these rights regardless of your location.

Right to Access

You can request a copy of all personal data we hold about you. We'll provide it within 30 days in a portable format (JSON or CSV).

Right to Correction

You can update most of your data directly in your account settings. For data you can't edit yourself, contact us at privacy@animalid.app.

Right to Deletion ('Right to be Forgotten')

You can request deletion of your account and personal data from your Settings page or by emailing privacy@animalid.app. See Section 5 for details on what is deleted vs. retained.

Right to Data Portability

You can export all your animal profiles and records as a ZIP file from your account settings at any time. Exports include structured data (JSON) and original uploaded documents.

Right to Opt Out of Communications

All non-transactional emails include an unsubscribe link. You can also manage notification preferences in your account settings. Transactional emails (receipts, security alerts, payment failure notices) cannot be disabled while your account is active.

Right to Lodge a Complaint

If you believe we've mishandled your data, contact us first at privacy@animalid.app — we'll work to resolve it.

EU residents may also lodge a complaint with your local data protection authority. California residents may contact the California Privacy Protection Agency. Texas residents may contact the Texas Attorney General's office.

7. Security

We implement industry-standard security measures to protect your data:

All data is encrypted in transit (HTTPS/TLS) and at rest
Database access is protected by row-level security — users can only access their own data
Passwords are hashed using bcrypt and never stored in plaintext
Storage buckets for private documents are not publicly accessible
Access logs are monitored for anomalous activity

No system is perfectly secure. If you discover a security vulnerability, please report it to security@animalid.app rather than disclosing it publicly. We'll respond within 48 hours.

In the event of a data breach that affects your personal information, we will notify you within 72 hours of discovery, as required by applicable law.

8. Cookies and Tracking

AnimalID uses a minimal set of cookies:

Session cookies: Required for authentication. Without these, you can't stay logged in. These are deleted when you close your browser.
Preference cookies: Store your UI preferences (dark mode, etc.). Persistent but not tracking-related.

We do not use advertising cookies, tracking pixels, or third-party analytics that profile your behavior across other websites. We use Vercel's built-in analytics, which are privacy-preserving and do not set tracking cookies.

If we ever add analytics tools that use cookies, we'll update this policy and provide a consent banner for visitors in applicable jurisdictions.

9. Children's Privacy

AnimalID is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we discover that we have inadvertently collected data from a child under 13, we will delete it promptly.

If you believe a child under 13 has created an account on AnimalID, please contact us at privacy@animalid.app.

10. International Transfers

AnimalID is operated from the United States. If you access the service from outside the US, your data is transferred to and processed in the United States, where privacy laws may differ from your country's laws.

For users in the European Economic Area (EEA) or the United Kingdom, we transfer data to the US based on the necessity of contract performance and legitimate interests. We ensure our service providers maintain appropriate safeguards for international data transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we'll update the "Last updated" date at the top of this page.

For material changes — particularly changes that reduce your rights or increase how we use your data — we'll notify you by email and in-app notice at least 30 days before the change takes effect.

Your continued use of AnimalID after a policy change constitutes acceptance. If you don't agree with a change, you can delete your account before it takes effect.

12. Contact Us

Privacy-related questions, data requests, or concerns:

AnimalID — Privacy Team

Austin, Texas

privacy@animalid.app

We aim to respond to all privacy inquiries within 5 business days and to fulfill data requests within 30 days.