Privacy Policy

Digipet (“Digipet”, “we”, “us” or “our”) provides a mobile application that helps pet owners keep records of their pets. This Privacy Policy explains what personal data we collect, why we collect it, who we share it with, and the choices and rights you have under the Singapore Personal Data Protection Act 2012 (the “PDPA”) and equivalent laws that may apply to you.

By creating an account or otherwise using the Digipet app (the “App”), you confirm that you have read and understood this Policy and consent to our collection, use and disclosure of your personal data as described below.

1. Who we are

The App is operated by Digipet, based in the Republic of Singapore. For any privacy-related question or request, contact us at DigiPetSG@gmail.com. The person responsible for handling personal data inquiries (our Data Protection Officer) can be reached at the same address.

2. Personal data we collect

We collect only the personal data we need to run the App.

(a) Account information

• Your email address.
• A password, which we never see in plain text — it is hashed by our authentication provider before storage.
• The name you provide on sign-up (kept in your authentication profile).
• If you sign in with Google or Apple, we receive only your email address and display name from that provider — never your password. We do not request, receive, or store any other account data from Google or Apple.

(b) Pet information you choose to enter

The App is a record-keeping tool. You decide what to enter. Typical entries include:

• Pet identity: name, species, breed, date of birth, sex, microchip number, photo.
• Health records: vaccination history and reminders, medications, allergies, conditions, vet visits, weight history, daily routine.
• Emergency contacts you choose to save, including phone numbers (for example, your vet’s clinic).

We treat all of this information as personal data, even though parts of it relate to your pet, because it is linked to your account. Some of it may relate to identifiable third parties (for example, your vet’s name and clinic phone number) — by entering that information, you confirm that you are entitled to provide it to us for the purposes set out in this Policy.

(c) Photos

When you add a pet photo, the App removes embedded location and camera metadata (EXIF) from the image on your device before uploading. The processed image is stored in our cloud storage under a folder scoped to your account.

Document and trip photos stay on your phone. When you attach a vaccination certificate photo, a trip hero shot, or a per-checklist document photo (for example, an export licence or vet health certificate), the App saves the image to your device’s sandbox only. We do not see, store, or back up these photos on our servers. To preserve them across devices, use Profile → Backup & restore to export a bundle you control.

(d) Device location (handled on your device only)

The App has a “pet-friendly places” feature. If you grant location permission, the App reads your device’s approximate location only to compute the distance between you and a fixed list of places that we ship inside the App. Your location coordinates are not transmitted to our servers and are not shared with any third party. You can revoke location permission at any time in your device settings, and you can also use the App by entering a Singapore postal code instead.

(e) Operational data

To keep the service running and to prevent abuse, we keep limited technical records — for example, sign-up rate-limit counters and standard server logs maintained by our infrastructure providers. We do not collect advertising identifiers, run third-party analytics SDKs, or build behavioural profiles for marketing.

3. How we use your data

• To create and operate your account and authenticate you.
• To store and display the pet records you enter, including reminders.
• To generate read-only PDF exports (for example, a vet visit summary or sitter guide) that you choose to share — these are produced on your device.
• To detect and prevent fraud, abuse, security incidents, and policy violations.
• To comply with legal obligations and enforce our Terms of Service.

We do not sell, rent, or trade your personal data. We do not use your records to train artificial-intelligence models.

4. Who we share data with

We share personal data only with service providers that help us operate the App, and only to the extent they need to provide their service to us. Those providers are bound by their own data-protection obligations and are not permitted to use your data for their own purposes. We do not sell, rent, or trade your personal data, and we do not share it with advertisers.

• Supabase — our authentication, database, and object-storage provider. Your account credentials, pet records, and pet photos are hosted on Supabase infrastructure located in Singapore. This is the primary processor that holds the bulk of your personal data.
• Other service providers — we may also use third parties for ancillary functions such as mobile app delivery and updates, postal-code geocoding (limited to the address fragment you enter, with no account or pet data attached), email delivery (for example, sign-up confirmation and password-reset messages), error reporting, and, if we introduce paid features in future, payment processing. Each such provider receives only the information needed to perform its specific function.

Where any sharing involves a transfer of personal data outside Singapore, we rely on the recipient providing a standard of protection comparable to the PDPA, in line with section 26 of the PDPA.

We may also disclose personal data where we are required to do so by law, or to protect our legal rights, the safety of our users, or the integrity of the service.

5. How long we keep data

• Pet records and photos are kept for as long as you keep your account. When you delete a pet from the App, we delete the linked records and the photo from our storage.
• Account data is kept while your account is active. When you close your account — using the in-app control (Profile → Close Account) or by contacting us (see section 7) — we delete your account data, except where we are required by law to retain it for longer.
• Limited operational logs and rate-limit counters may be retained for a short period for security, debugging, and abuse-prevention purposes.

6. How we protect your data

• All traffic between the App and our servers is encrypted in transit (HTTPS/TLS).
• Database access is restricted with row-level security so that one user cannot read or modify another user’s data.
• Photos are stored in folders scoped to your account, and EXIF metadata is removed before upload.
• Passwords are stored only as cryptographic hashes; we cannot recover your password.

No system is perfectly secure. You are responsible for keeping your device and account credentials safe. If you suspect that your account has been compromised, contact us immediately.

7. Your rights under the PDPA

To the extent provided by the PDPA, you have the right to:

• Withdraw consent. You may withdraw consent to our collection, use, or disclosure of your personal data at any time. Withdrawing consent may mean we can no longer provide the App to you.
• Access and correct. You may ask for a copy of the personal data we hold about you and ask us to correct anything that is wrong.
• Delete. You may delete pet records inside the App at any time. To close your account and delete your remaining personal data, use the in-app control (Profile → Close Account) or contact us at the address above.
• Lodge a complaint. If you believe we have not handled your personal data properly, you may complain to the Personal Data Protection Commission of Singapore (www.pdpc.gov.sg).

We will respond to verified requests within a reasonable period and will not charge a fee that exceeds what is permitted under the PDPA.

8. Children

The App is not directed at children under 13, and we do not knowingly collect personal data from anyone under 13. If you believe a child has signed up, contact us and we will delete the account.

9. Changes to this Policy

We may update this Policy from time to time. When we do, we will change the “Effective” date above and, if the changes are material, give you reasonable notice in the App. Continuing to use the App after the new Policy takes effect means you accept the updated Policy.

10. Contact us

Questions, requests, or complaints about this Policy or your personal data: DigiPetSG@gmail.com.