Privacy Policy (EU)

Summary

  • We collect minimal personal data (name and email)

  • Our focus is primarily on data about your pet

  • Data is stored securely and used to operate and improve the service

  • AI is used to analyze information, but nothing is stored without your approval

  • We use trusted third-party providers (such as Azure, Stripe, and OpenAI)

  • You can request access, correction, or deletion of your data at any time

Last updated: 22.april.26

 

1. Introduction

PetKey (“we”, “us”, “our”) is committed to protecting your privacy.

This Privacy Policy explains how we collect, use, store, and share personal data when you use our services, including our website and mobile applications.

PetKey is designed to primarily store and manage pet-related data, with minimal personal data related to the pet owner.

 

2. Data We Collect

2.1 Personal Data (Pet Owner)

We collect limited personal data, including:

  • Name

  • Email address

  • Phone number (if provided)

 

2.2 Pet Data

We collect and store data related to pets, including:

  • Name, breed, age

  • Health information

  • Uploaded documents (e.g. medical records)

  • Images and files

  • AI-generated structured data (after user approval)

 

2.3 Usage Data

We may collect limited technical data such as:

  • Error logs

  • Device and system information

  • Basic usage patterns

We do not store full user interaction logs or chat histories.

 

3. AI Processing

PetKey uses AI services provided by third parties (e.g. OpenAI) to:

  • Extract information from documents

  • Structure pet-related data

  • Assist users in understanding content

Important:

  • AI processing is stateless from PetKey’s side (no chat history is stored)

  • Data sent to AI providers may be retained by them for a limited period (e.g. up to 30 days)

  • AI-generated data is only stored if the user explicitly approves it

 

4. How We Use Data

We use data to:

  • Provide and operate the service

  • Store and organize pet profiles

  • Enable sharing with veterinarians or other users

  • Improve product functionality

  • Ensure system security and reliability

We may use aggregated and anonymized data for analytics and product improvement.

 

5. Legal Basis (GDPR)

We process personal data based on:

  • Contract – to provide the service

  • Legitimate interest – to improve and secure the platform

  • Consent – where required (e.g. sharing data, certain AI features)

 

6. Data Sharing

6.1 User-Controlled Sharing

You may share pet data with:

  • Veterinarians

  • Other users

Access is:

  • Time-limited

  • Controlled by you (e.g. access codes)

 

6.2 Third-Party Providers (Subprocessors)

We use trusted third-party providers to operate our services:

Infrastructure & Storage

  • Microsoft Azure (EU – Netherlands / Ireland)

  • bunny.net (EU storage + global CDN caching)

AI Services

  • OpenAI (data may be processed outside the EU, retained temporarily)

Payments

  • Stripe (global, including USA)

  • Apple (In-App Purchases)

  • RevenueCat (subscription management for Apple users)

Communication & Tools

  • SendGrid (email delivery)

  • Google Workspace (email & storage)

  • Slack (internal communication)

  • Notion (documentation)

Development

  • GitHub (code hosting and collaboration)

We ensure appropriate safeguards are in place, including:

  • Data Processing Agreements (DPA)

  • Standard Contractual Clauses (SCC) where required

 

7. Data Storage & Retention

  • Pet data is stored as long as necessary to provide the service

  • Pet profiles may be archived rather than permanently deleted

  • User accounts may be deleted upon request

  • Backup systems may retain data for a limited period

 

8. Data Security

We implement appropriate technical and organizational measures, including:

  • Secure cloud infrastructure

  • Access controls and authentication systems

  • Monitoring of system errors and vulnerabilities

Users are responsible for keeping their login credentials secure.

 

9. International Data Transfers

Some providers process data outside the EU/EEA.

Where this occurs, we rely on:

  • EU Standard Contractual Clauses (SCC)

  • EU-US Data Privacy Framework (where applicable)

 

10. Your Rights

Under GDPR, you have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Request deletion

  • Restrict or object to processing

  • Data portability

To exercise your rights, contact us at:

📧 info@petkey.no

 

11. Cookies & Tracking

We use limited cookies and tracking technologies primarily for:

  • Essential functionality

  • Error tracking and performance

We do not use extensive tracking or profiling tools.

 

12. Children’s Data

PetKey is not intended for children under 18.

 

13. Changes to This Policy

We may update this Privacy Policy from time to time.

 

14. Contact Information

PetKey AS

Rådyrveien, Oslo

935067731

📧 info@petkey.no