Petophilla is a social platform for pet owners, operated by Gourav Karki (“we”, “us”). This policy explains what personal data we collect, why, who we share it with, and your rights under UK GDPR and India’s DPDP Act 2023.
Who can use Petophilla
You must be at least 13 years old. If you are under 18, you may only use the app with a parent or guardian’s involvement and consent. We do not knowingly collect data from children under 13.
What we collect
Information you give us
- Account: your email, a password stored only as a secure one-way bcrypt hash (we can never read it), and a verification code (OTP).
- Profile: name, phone number, city.
- Pet “Pawfile” data: pet name, species, breed, age, bio, and health logs (food, weight, walks, vaccinations).
- Content: photos, videos, stories, posts, comments, and chat messages.
- Marketplace: adoption/service/event listings and payment-related details.
Collected automatically
- Location (only with permission) to show nearby vets, shops, and events.
- Device & usage data: device model, OS, app version, IP address, crash data.
- An advertising identifier for ads, only where you consent.
How we use your data
- To create and run your account and keep you signed in.
- To power social features, chat, notifications, and matching (“PawMatch”).
- To show nearby places and events (with location permission).
- To process payments and seller payouts.
- To provide AI care guidance (“PawLearn”).
- To show ads that keep the app free (with consent).
- To keep Petophilla secure, prevent abuse, and comply with the law.
Our legal bases (UK GDPR) are performance of our contract with you, your consent (location, AI, personalised ads), our legitimate interests (security), and legal obligations. Under India’s DPDP Act we rely on your consent or permitted legitimate uses; you can withdraw consent anytime.
AI features
When you use PawLearn, the text or pet photo you submit is sent to our AI providers (Google Gemini, with NVIDIA as a fallback) to generate a reply. Please don’t submit anything sensitive, or other people’s personal data, into AI prompts.
Who we share data with
We do not sell your personal data. We share it only with service providers that process it for us under contract: Supabase (database & storage), Render (hosting), Stripe / Stripe Connect (real-world payments & payouts; we never receive your full card number), Google Play Billing (digital subscriptions), Google AdMob (ads, with consent), Google Gemini / NVIDIA (AI), and Expo / EAS (delivery & notifications). We may also disclose data where required by law or to protect users’ safety.
International transfers
Our providers may process data in the US and elsewhere. Where we transfer data outside the UK/EEA or India, we use appropriate safeguards such as the UK IDTA or EU Standard Contractual Clauses.
Your rights
Under UK/EU GDPR you can access, correct, delete, restrict, port, or object to processing of your data, and withdraw consent. Under India’s DPDP Act you can access, correct, and erase your data, and seek grievance redressal.
- In-app: Profile → Settings → Delete account erases your account, pets, posts, media, chats, and health logs.
- By email or web: karkisinghg88@gmail.com or our account-deletion page. We respond within 30 days.
You can complain to the UK Information Commissioner’s Office (ico.org.uk) or the Data Protection Board of India.
Data retention
We keep your data while your account is active. When you delete your account we remove it from the live database. We may keep limited records where the law requires (e.g., payment/tax records) or to resolve disputes.
Ads & tracking
We show ads via Google AdMob to keep the app free. On iOS we ask permission through Apple’s App Tracking Transparency prompt; in the UK/EU we show a Google consent message. If you don’t consent, you’ll see non-personalised ads only. You can reset your advertising ID in device settings, or change your choice anytime in the app under Settings → Manage ad consent.
Security
We protect your data with bcrypt password hashing, HTTPS/TLS in transit, access-controlled storage, and server-only secrets. No system is perfectly secure; we’ll notify you and the authorities of a qualifying breach as required.
Changes
We may update this policy and will change the date above; for material changes we’ll notify you in the app.
Contact
Gourav Karki, Petophilla · karkisinghg88@gmail.com
Read our Terms & Conditions →