Privacy Policy
Digipet (“Digipet”, “we”, “us” or “our”) provides a mobile application that helps pet owners keep records of their pets. This Privacy Policy explains what personal data we collect, why we collect it, who we share it with, and the choices and rights you have under the Singapore Personal Data Protection Act 2012 (the “PDPA”) and equivalent laws that may apply to you.
By creating an account or otherwise using the Digipet app (the “App”), you confirm that you have read and understood this Policy and consent to our collection, use and disclosure of your personal data as described below.
1. Who we are
The App is operated by Digipet, based in the Republic of Singapore. For any privacy-related question or request, contact us at DigiPetSG@gmail.com. The person responsible for handling personal data inquiries (our Data Protection Officer) can be reached at the same address.
2. Personal data we collect
We collect only the personal data we need to run the App.
(a) Account information
- Your email address.
- A password, which we never see in plain text — it is hashed by our authentication provider before storage.
- The name you provide on sign-up (kept in your authentication profile).
- If you sign in with Google or Apple, we receive only your email address and display name from that provider — never your password. We do not request, receive, or store any other account data from Google or Apple.
(b) Pet information you choose to enter
The App is a record-keeping tool. You decide what to enter. Typical entries include:
- Pet identity: name, species, breed, date of birth, sex, microchip number, photo.
- Health records: vaccination history and reminders, medications, allergies, conditions, vet visits, weight history, daily routine.
- Emergency contacts you choose to save, including phone numbers (for example, your vet’s clinic).
We treat all of this information as personal data, even though parts of it relate to your pet, because it is linked to your account. Some of it may relate to identifiable third parties (for example, your vet’s name and clinic phone number) — by entering that information, you confirm that you are entitled to provide it to us for the purposes set out in this Policy.
(c) Photos
When you add a pet photo, the App removes embedded location and camera metadata (EXIF) from the image on your device before uploading. The processed image is stored in our cloud storage under a folder scoped to your account.
Document, trip, grooming and vet visit photos stay on your phone. When you attach a vaccination certificate photo, a trip hero shot, a per-checklist document photo (for example, an export licence or vet health certificate), a grooming photo, or a vet visit photo, the App saves the image to your device’s sandbox only. We do not see, store, or back up these photos on our servers. To preserve them across devices, use Profile → Backup & restore to export a bundle you control.
(d) Device location
The App uses your device’s location for two distinct purposes. We treat each separately, and you can withhold consent for either.
(i) Pet-friendly places (Explore). If you grant location permission, the App reads your device’s approximate location only to compute the distance between you and a fixed list of places that we ship inside the App. Your location coordinates for this feature are not transmitted to our servers and are not shared with any third party. You can also use the Explore feature without granting location permission by entering a Singapore postal code instead.
(ii) Dog walk tracking. If you start a walk in the App, the App records your position while the walk is active, including in the background so that tracking continues when your screen is locked or you switch apps mid-walk. The recorded route (a list of latitude, longitude and timestamp points, downsampled on your device) is saved to your walk history under your account on Supabase (see section 4). The route is visible only to you, is never used for advertising, and is never shared with any third party. The App records location only while a walk is active — never before you tap “Start Walk” or after you tap “Stop”, and never when the App is not running a walk.
You can revoke location permission at any time in your device settings. The App will continue to work without it, but the Explore distance feature and dog walk tracking will not.
(e) Operational data
To keep the service running and to prevent abuse, we keep limited technical records — for example, sign-up rate-limit counters and standard server logs maintained by our infrastructure providers. We do not collect advertising identifiers and we do not build behavioural profiles for marketing.
(f) Product-usage analytics
We use a privacy-focused analytics tool (PostHog, hosted in the European Union) to understand how the App is used — for example, which screens are visited, which features are tapped, and how long a session lasts. This helps us decide what to build next and where to fix bugs.
What we send to PostHog: event names (for example, “sign-up completed”, “pet added”, “vet visit logged”), simple enum, boolean or count properties tied to those events (for example, the sign-up provider used, the record type, the number of pets on the account, the days since install), and standard device metadata (iOS or Android version, App version, device class).
What we never send to PostHog: your pet’s records, photos, notes, allergies, conditions, vet visits, walks, location coordinates, your email, your full name, phone numbers, microchip numbers, or any free-text you type in the App.
Your account is referenced in PostHog only by an opaque identifier (your Supabase user ID). PostHog does not receive your email or other contact details.
You can turn off product-usage analytics at any time in Profile → Privacy → Analytics. After you opt out, no further events are sent from your device.
(g) Community reviews
If you write a review of a place, we store the rating, your optional review text, and the time you posted it, linked to your account. A review is public — visible to all other users. To prevent impersonation, it is shown under a masked form of your email (for example, wo•••@gmail.com); we never display your full email on a review. If you report a review or block a reviewer, we store that action so we can apply it and act on abuse. You can edit or delete your reviews at any time, and deleting your account removes them.
(h) AI pet-care assistant (Biscuit)
Biscuit is an in-app AI assistant powered by Google’s Gemini API. When you send Biscuit a message, the message text plus a slim context object about the pet you’re currently “Talking about” travels via our Supabase Edge Function to Google’s Gemini service for processing. Your messages and the Gemini responses are not stored on our servers — chat history lives only in memory on your device and is cleared when you leave the screen.
What we send to Google for each message: your message text; the active pet’s name, species, breed, age in years, sex, neutered status, known allergies, diagnosed conditions, names of current medications, last three vaccinations, recent weight trend, last vet-visit date, and vet name if you have recorded one; your country code (e.g. SG) so answers are localised; and the last few messages in the conversation for follow-up context.
What we never send to Google: your microchip number, pet photos or document scans, free-text notes from any record, exact date of birth, medication dosages, location data, your email, your full name, phone numbers, daily routine, today’s walks, meals or grooming entries, or emergency-contact phone numbers.
We use Gemini’s paid tier, which under Google’s terms means your prompts and pet context are not used to train Google’s models. Google may briefly retain the data to operate the service and meet legal obligations; see Google’s API terms for details.
Biscuit is an information aid only. It is not veterinary advice and not a substitute for a vet. The chat screen carries a persistent disclaimer to this effect throughout the conversation. For anything that looks like an emergency, please contact your vet or the nearest emergency animal clinic immediately.
Free accounts get two Biscuit messages per rolling 24-hour window; premium accounts get twenty. Your allowance refreshes 24 hours after the first message in the current window.
(i) Digipet Premium subscription
Digipet Premium is an auto-renewing monthly subscription that unlocks 20 Biscuit messages per 24-hour window (vs 2 on the free tier). Subscriptions are processed by Apple (on iOS) or Google (on Android). We never see your card number, billing address, or the name on your card — Apple and Google handle the entire payment surface and only tell us whether a valid subscription exists.
To keep your subscription state in sync between the store and the app, we use RevenueCat as a sub-processor. RevenueCat receives: your Digipet user ID (a UUID), the platform purchase token / receipt issued by Apple or Google, your app version, device OS, country, and IP address (standard SaaS analytics). RevenueCat then notifies our Supabase backend so the app knows whether to unlock premium features for your account. RevenueCat does not receive your pet records, chat messages, email, name, or phone number. See RevenueCat’s privacy policy at revenuecat.com/privacy for their handling.
The store you bought from is the source of truth for billing — you can review, change, or cancel your subscription at any time in Settings → Apple ID → Subscriptions (iOS) or in the Google Play app → Account → Subscriptions (Android). Cancellations take effect at the end of the current billing period.
3. How we use your data
- To create and operate your account and authenticate you.
- To store and display the pet records you enter, including reminders.
- To generate read-only PDF exports (for example, a vet visit summary or sitter guide) that you choose to share — these are produced on your device.
- To detect and prevent fraud, abuse, security incidents, and policy violations.
- To comply with legal obligations and enforce our Terms of Service.
We do not sell, rent, or trade your personal data. We do not use your records to train artificial-intelligence models, and the Gemini paid tier we use for Biscuit (see section 2(h)) excludes your prompts and pet context from being used to train Google’s models.
4. Who we share data with
We share personal data only with service providers that help us operate the App, and only to the extent they need to provide their service to us. Those providers are bound by their own data-protection obligations and are not permitted to use your data for their own purposes. We do not sell, rent, or trade your personal data, and we do not share it with advertisers.
- Supabase — our authentication, database, and object-storage provider. Your account credentials, pet records, and pet photos are hosted on Supabase infrastructure located in Singapore. This is the primary processor that holds the bulk of your personal data.
- Google (Gemini API) — used only when you send a message to Biscuit, our in-app AI assistant (see section 2(h)). The message text and the slim pet context described there are sent to Google’s Gemini service to generate the reply. We use Gemini’s paid tier, which excludes your prompts and pet context from being used to train Google’s models.
- Apple and Google (in-app subscriptions) — if you subscribe to Digipet Premium, Apple (on iOS) or Google (on Android) processes the payment under their own terms. They receive the card information you provide them, not us; we receive only confirmation that an active subscription exists.
- RevenueCat — sub-processor that bridges the App Store / Play Store with our backend so subscription state stays in sync. RevenueCat receives only the items listed in section 2(i): your Digipet user ID, the purchase receipt, and standard SaaS analytics about the device making the request. No pet records, chat content, or contact info reaches RevenueCat.
- Other service providers — we may also use third parties for ancillary functions such as mobile app delivery and updates, postal-code geocoding (limited to the address fragment you enter, with no account or pet data attached), email delivery (for example, sign-up confirmation and password-reset messages), and error reporting. Each such provider receives only the information needed to perform its specific function.
Where any sharing involves a transfer of personal data outside Singapore, we rely on the recipient providing a standard of protection comparable to the PDPA, in line with section 26 of the PDPA.
We may also disclose personal data where we are required to do so by law, or to protect our legal rights, the safety of our users, or the integrity of the service.
5. How long we keep data
- Pet records and photos are kept for as long as you keep your account. When you delete a pet from the App, we delete the linked records and the photo from our storage.
- Account data is kept while your account is active. When you close your account — using the in-app control (Profile → Close Account) or by contacting us (see section 7) — we delete your account data, except where we are required by law to retain it for longer.
- Limited operational logs and rate-limit counters may be retained for a short period for security, debugging, and abuse-prevention purposes.
6. How we protect your data
- All traffic between the App and our servers is encrypted in transit (HTTPS/TLS).
- Database access is restricted with row-level security so that one user cannot read or modify another user’s data.
- Photos are stored in folders scoped to your account, and EXIF metadata is removed before upload.
- Passwords are stored only as cryptographic hashes; we cannot recover your password.
No system is perfectly secure. You are responsible for keeping your device and account credentials safe. If you suspect that your account has been compromised, contact us immediately.
7. Your rights under the PDPA
To the extent provided by the PDPA, you have the right to:
- Withdraw consent. You may withdraw consent to our collection, use, or disclosure of your personal data at any time. Withdrawing consent may mean we can no longer provide the App to you.
- Access and correct. You may ask for a copy of the personal data we hold about you and ask us to correct anything that is wrong.
- Delete. You may delete pet records inside the App at any time. To close your account and delete your remaining personal data, use the in-app control (Profile → Close Account) or contact us at the address above.
- Lodge a complaint. If you believe we have not handled your personal data properly, you may complain to the Personal Data Protection Commission of Singapore (www.pdpc.gov.sg).
We will respond to verified requests within a reasonable period and will not charge a fee that exceeds what is permitted under the PDPA.
8. Children
The App is not directed at children under 13, and we do not knowingly collect personal data from anyone under 13. If you believe a child has signed up, contact us and we will delete the account.
9. Changes to this Policy
We may update this Policy from time to time. When we do, we will change the “Effective” date above and, if the changes are material, give you reasonable notice in the App. Continuing to use the App after the new Policy takes effect means you accept the updated Policy.
10. Contact us
Questions, requests, or complaints about this Policy or your personal data: DigiPetSG@gmail.com.