Privacy Policy
Pawtend Privacy Policy
Effective Date: January 5, 2026 · Last Updated: January 5, 2026
This Privacy Policy explains how Pawtend, Inc. ("Pawtend," "we," "us," "our") collects, uses, shares, and protects information when you use the Pawtend platform (the "Platform").
1. Roles: Pawtend and Facilities
Facilities (boarding/daycare/grooming/training businesses) use the Platform to manage their customer relationships and pet care operations.
For Customer and pet data processed for a Facility, Pawtend generally acts as a service provider/processor on behalf of the Facility.
For certain Platform operations (security logs, service communications, account administration), Pawtend may act as a controller/business.
If you are a Customer booking services, your primary pet care relationship is with the Facility.
2. Information We Collect
We collect information you provide, information created through your use, and technical/security data.
2.1 User Account Information
Email address (required)
Password (stored and managed by AWS Cognito; not stored by Pawtend directly)
First name and last name
Phone number
Display name
Profile photo/avatar
Address (street, unit, city, state, ZIP)
2.2 Emergency and Veterinary Information
Emergency contact names, phone numbers, relationships
Veterinarian name
Clinic/hospital name
Veterinarian phone and email
2.3 Pet Information (Including Sensitive Health Data)
Pet name, species, breed, gender, age/birth date, weight, color/markings, spay/neuter status
Microchip number and registration number
Pet profile photos
Vaccination records (dates/expiration) and related documents
Allergies (list), medications/dosages, supplements
Dietary restrictions, feeding instructions/schedules
Medical history/conditions and special needs
Behavioral information and care instructions
Authorized pickup persons and pet-related contacts
2.4 Payments and Transaction Information
Payment token and metadata (card brand/type, last four digits, expiration, billing address)
Transaction records (amounts/dates), invoices, refunds, payment history
We do not store full payment card numbers. Payment processing is handled by Fiserv/CardPointe (tokenization).
2.5 Reservations and Service Information
Reservation dates/times, check-in/check-out times
Services booked, room assignments, add-ons
Special instructions
Internal staff notes (as entered by Facilities)
Reservation history
2.6 Technical, Device, and Security Data
AWS Cognito user identifier
Session/authentication metadata (e.g., login timestamps)
Audit and access logs: user actions, access timestamps, entity changes (old/new values), IP addresses, user agent strings
Device and app info: platform (iOS/Android/Web), app version
2.7 Files and Documents (Including ID Uploads)
Depending on Facility requirements and your use, the Platform may store:
User and pet profile photos
Vaccination records and medical documents
Government-issued ID documents (e.g., driver's license) if required by a Facility
Incident documentation photos and evidence
Facility-uploaded business documents
Files are stored in Amazon S3, typically encrypted at rest, with controlled access mechanisms (e.g., signed URLs that may expire).
3. How We Use Information
We use information to:
Provide and operate the Platform (accounts, bookings, staff workflows)
Create and manage pet profiles and service records
Process payments and manage transactions
Send transactional communications (confirmations, reminders, incident alerts)
Support Facilities in providing services (sharing necessary info with the Facility you interact with)
Maintain safety and security (fraud prevention, authentication, audit trails)
Provide customer support
Improve reliability and performance (debugging, error monitoring, service optimization)
Comply with legal obligations and enforce our Terms
4. How We Share Information
4.1 With Facilities
We share your information (including pet information, documents, and bookings) with the Facility you use so they can:
provide and manage services,
communicate with you,
enforce policies and safety requirements,
maintain records.
4.2 With Service Providers (Processors)
We share information with vendors that help us run the Platform, including:
Amazon Web Services (AWS): Cognito, S3, SES, RDS, Secrets Manager
Fiserv/CardPointe: payment processing
Redis: caching/session support
IPCamLive (optional): webcam feeds if enabled by a Facility
These providers process data under contractual obligations consistent with providing services to Pawtend.
4.3 Legal, Safety, and Compliance
We may disclose information to:
comply with law or legal process,
protect rights, safety, and security of users, Facilities, Pawtend, or the public,
investigate fraud, abuse, or security incidents.
4.4 Business Transfers
If Pawtend is involved in a merger, acquisition, financing, or asset sale, information may be transferred as part of that transaction subject to appropriate protections.
5. Cookies, Analytics, and Advertising
5.1 Cookies
Pawtend does not use cookies for targeted advertising or analytics.
Some Platform components may use local storage or similar device storage for session continuity and security (for example, storing app settings or authentication state). We do not use these mechanisms to track you across unrelated websites or services.
5.2 No Targeted Ads
We do not run targeted advertising based on cross-site tracking, and we do not "sell" personal information for money.
6. Data Storage, Location, and Security
6.1 Storage Location
Platform data is generally stored using AWS infrastructure in the United States (unless a Facility's configuration changes in the future).
6.2 Security Measures
We use safeguards appropriate to the nature of the data, which may include:
AWS Cognito authentication (passwords not stored by Pawtend)
Token-based authentication (JWT)
Refresh token encryption (AES-256-GCM)
Role-based access control and permissions
Audit logging of actions and data changes
File validation (MIME checks, size limits, filename sanitization)
Encryption at rest for stored files and databases (where configured)
No system is perfectly secure. We cannot guarantee absolute security.
7. Data Retention
Retention depends on legal requirements, Facility configuration, and operational needs. Typical practices include:
Audit logs: configurable (e.g., 30 days to permanent)
Reservation records: often retained long-term for business records
Payment records: retained as required for accounting, fraud prevention, and dispute handling
Documents (including IDs): retained until deleted per Facility policy or user request (subject to legal/operational exceptions)
Incident reports: may be retained long-term for safety and liability documentation
Soft-delete may be used, meaning content can remain recoverable for a period before permanent deletion, subject to configuration and backups.
8. Your Rights and Choices
8.1 Access and Updates
You can access and update certain information through your account settings and pet profiles.
8.2 Deletion Requests
You may request deletion of your account and/or certain data by contacting info@pawtend.com. If your data is primarily maintained by a Facility (e.g., service records), we may direct you to the Facility or assist by forwarding your request.
We may retain certain data where necessary to:
comply with law,
resolve disputes,
prevent fraud and abuse,
maintain security logs,
keep required business records,
retain incident documentation as permitted/required.
9. Nevada Privacy Rights (Nevada Residents)
Nevada law may allow consumers to opt out of the "sale" of certain covered information. Pawtend does not sell your personal information for money.
Nevada residents can submit requests or questions to: info@pawtend.com.
10. California and Other U.S. State Privacy Rights (If Applicable)
If you are a resident of a state with privacy rights (e.g., California CCPA/CPRA), you may have rights to:
know/access information collected about you,
request deletion (with exceptions),
correct inaccurate information,
opt out of certain uses (where applicable).
Sale/Sharing: Pawtend does not sell personal information for money and does not share personal information for cross-context behavioral advertising.
To submit a request: info@pawtend.com. We may verify your identity before processing.
If you are interacting with a Facility, the Facility may be the entity controlling your service records; we may coordinate with the Facility to fulfill requests.
11. Children’s Privacy
The Platform is not intended for children under 13 (or the minimum age required where you live). We do not knowingly collect personal information from children. If you believe a child has provided information, contact info@pawtend.com.
12. International Users
If you use the Platform from outside the U.S., your information may be processed in the U.S., where data protection laws may differ from those in your jurisdiction.
13. Changes to This Privacy Policy
We may update this Privacy Policy. If changes are material, we will provide notice through the Platform or by email. The updated policy becomes effective on the Effective Date listed above.
14. Contact
Pawtend, Inc.
Email: info@pawtend.com