Privacy Policy
Last updated:
1. Overview
This policy explains how Pet Capsule ("Pet Capsule", "we", "our", "us") collects, uses, stores, and protects your information when you use the Pet Capsule iOS app ("the App") and the website at petcapsule.app ("the Website"). The App is not offered to residents of the United States or Canada at launch; the Website may still be accessible globally.
2. Data Controller
Pet Capsule is published by SECURIGHT PTY LTD, an Australian proprietary company limited by shares. SECURIGHT PTY LTD is the data controller for personal data collected through the App and Website.
- Legal name: SECURIGHT PTY LTD
- ACN: 606 659 125
- ABN: 25 606 659 125
- Registered office: 43 Sanctum Drive, Weir Views, VIC 3338, Australia
- Contact: [email protected]
As a small Australian business operator we are not required to appoint a formal Data Protection Officer (DPO) under GDPR or the Australian Privacy Act. We handle privacy matters directly at the contact address above. We do not have an EU/UK establishment; under GDPR Article 27 we do not currently appoint an EU representative because our offering is not directed at EU residents in a way that meets the Article 3(2) threshold. We will review this position if our user base materially shifts.
For any privacy-related question, including GDPR/CCPA/APP rights requests, email [email protected] with "Privacy" in the subject line.
3. Information We Collect
3.1 Information You Provide Directly
| Data | When Collected | Purpose | Legal Basis (GDPR) |
|---|---|---|---|
| Email address | Waitlist signup, account creation, Sign in with Apple or Google | Account management, waitlist updates, authentication | Consent / Contract performance |
| Name | Sign in with Apple or Google | Account display | Consent |
| Pet information | In-app (names, breeds, health records, photos) | Core app functionality; AI personalisation only when you explicitly trigger AI features | Contract performance |
| Emergency contacts | In-app (vet/emergency contacts) | Emergency features | Legitimate interest (pet safety) |
| Care tasks & schedules | In-app (medications, grooming, vet visits) | Care management | Contract performance |
| Financial data | In-app (pet expenses, insurance info) | Expense tracking | Contract performance |
3.2 Information Collected Automatically
| Data | Source | Purpose | Legal Basis |
|---|---|---|---|
| IP address (transient, edge-only) | Cloudflare edge (web) and Supabase edge (auth) for the request lifecycle | DDoS protection, abuse prevention, rate limiting; not used to identify or track you across sessions | Legitimate interest |
| Approximate country (from IP) | Web request headers | Aggregate analytics; localisation | Legitimate interest |
| Page views (cookie-free) | Self-hosted analytics + Moxie Observe | Website analytics (no cookies, no cross-site tracking) | Legitimate interest |
| Marketing attribution (UTM parameters) | URL parameters on signup | Measure marketing effectiveness | Consent (collected with email) |
| Referral code | URL parameter on invite pages | Referral program tracking | Consent (collected with email) |
| Theme preference | Browser localStorage | Display preference (light/dark mode) | Legitimate interest |
| Anonymous usage analytics | In-app events (App); Moxie Observe (Website + App) | Feature usage understanding, reliability | Legitimate interest |
| Error/crash diagnostics | App runtime, Moxie Observe | Reliability improvement | Legitimate interest |
3.3 Information NOT Collected
- We do not set advertising or tracking cookies on our website. Our analytics are cookie-free and do not build cross-site profiles. Edge providers (Cloudflare, Supabase) may set short-lived security cookies for DDoS protection; these are not used for advertising.
- We do not use advertising identifiers (IDFA, AAID) in the App.
- We do not sell, share, or trade your personal information with third parties for advertising or cross-context behavioural advertising.
- We do not use Google Analytics, Facebook Pixel, TikTok Pixel, or similar third-party tracking tools.
- We do not collect biometric data. Pet photos are not processed as biometric identifiers under BIPA, GDPR, or any other biometric data law.
- We do not collect human medical records. If you enable Apple HealthKit integration for walks/steps, that Apple Health data stays on-device and is not sent to our servers.
- Fonts are self-hosted — no requests are sent to Google Fonts, Adobe Fonts, or other font CDNs.
- We do not sell your data to AI training datasets. Our content licensing for AI search and citation is described separately in our Editorial Policy.
4. How We Use Your Information
- To provide and improve Pet Capsule services (App and Website)
- To manage your waitlist position and referral rewards
- To send you waitlist updates and product announcements (you can unsubscribe anytime)
- To generate AI-powered care notes and summaries for your pets (only when you use AI features)
- To understand website usage patterns through anonymous analytics
- To detect and prevent abuse of our services
5. AI-Specific Data Processing
Pet Capsule uses Google's Gemini AI to power features such as photo care notes, breed identification, food reference lookup, care note summaries, and AI chat. This section explains exactly what data is involved.
5.1 What Data Is Sent to AI
When you explicitly trigger an AI feature, the following data may be sent to Google's Gemini API via our secure server proxy:
- Your text prompt — the question or instruction you type
- Pet context — your pet's name, species, breed, age, weight, allergies, medications, recent behaviour trends, and care statistics (used to personalise responses)
- Photos — only when you use image-based features (photo care notes, breed ID, food reference lookup)
5.2 What Is NOT Sent to AI
- Your personal identity, email, or account details
- Your location data
- Your financial or insurance information
- Your vault documents
- Data from other pets not relevant to the current query
5.3 How AI Data Is Processed
- All AI requests are routed through our secure server proxy (Supabase Edge Function) — the App never communicates directly with Google's AI
- Google's Gemini API processes data per their API Terms of Service
- Your data is not used to train Google's AI models (per Google's API data usage policy for paid API access)
- AI responses are generated in real-time and handled under Google's paid API terms
- We store AI usage counts for rate limiting, a one-way hash of prompt text for abuse correlation, AI output logs for up to 30 days for quality and safety review, AI feedback you submit for up to 90 days, and abuse/safety signal logs (e.g. when a prompt is rejected by our content filters or Google's safety classifiers) for up to 180 days. Raw prompt text is not stored in normal operation.
5.4 AI Accuracy Disclaimer
AI features provide general information and may produce inaccurate results. They are not a substitute for professional veterinary advice. Always consult a qualified veterinarian for your pet's health concerns.
6. Pet Health Data
Pet Capsule stores detailed health information about your pets, including medical records, vaccination history, medications, weight trends, and behaviour observations. We want to be clear about how this data is treated:
- Pet health data is not human health data. It is not subject to HIPAA (US), the Health Records Act (Australia), or equivalent human health data regulations.
- Despite this, we treat your pet's health data with the same level of care and security as if it were protected health information.
- Pet health data is stored locally on your device using Apple's SwiftData framework and synced to your personal iCloud. We do not have access to this data on our servers.
- Pet health data is only shared with Google's AI when you explicitly use AI care-note or chat features, and only the minimum data needed for the query is sent.
7. Location Data
Pet Capsule uses location data for several features. Here is exactly how each feature uses your location:
| Feature | Location Type | Where Stored | Shared With |
|---|---|---|---|
| Walk Tracking | Precise GPS route | On-device only | No one |
| Pet Places / Trails | Current location or map search area | Not stored on our servers | Google APIs (places and environmental data) |
| Vet Locator | Approximate location | Not stored | Apple Maps / Google Places |
Community feeds, public social posts, caregiver invitations, and lost-pet reports are not part of the v1 launch.
Location permissions are requested only when you first use a location-based feature. You can revoke location access at any time in iOS Settings.
8. Data Storage & Security
8.1 App Data (On-Device)
The majority of your pet data is stored locally on your device using Apple's SwiftData framework and synced to your personal iCloud via CloudKit. This includes pet profiles, health records, memories, care tasks, walk routes, vault documents, and expenses. This data is encrypted by iOS and protected by your device passcode.
8.2 Cloud Data (Supabase)
Account and feature data uses Supabase (hosted on AWS cloud infrastructure) with row-level security. Only the following data is stored server-side: user profiles (display name, avatar), referral tracking, AI usage counts and AI output/safety logs described above, subscription events, product analytics, and crash/error diagnostics. All data is transmitted via TLS encryption, and the AI logs described above are access-restricted to authorised personnel for safety, debugging, and quality purposes only.
8.3 Website Data (Supabase)
The waitlist database is stored on Supabase with row-level security. Waitlist data includes email, marketing attribution (UTM), referral code, and position.
8.4 Document Vault
The Document Vault is protected by a local PIN you set. Vault data is stored on-device and in your iCloud. We cannot access or recover your vault PIN. If you forget your PIN, vault data cannot be recovered.
8.5 Browser Storage
We use browser storage for the following purposes only:
- pc-theme (localStorage) — Your light/dark mode preference
- pc-waitlist (localStorage) — Temporary fallback if a waitlist submission fails due to a network error; cleared after a successful retry
No persistent tracking identifiers are stored. You can clear all browser storage at any time via your browser settings.
9. Third-Party Services
| Service | Purpose | Data Shared |
|---|---|---|
| Apple Inc. (CloudKit, Sign in with Apple, StoreKit, Maps) | Data sync across your devices, authentication, subscription management, map display | Pet data (encrypted in your iCloud), authentication tokens, purchase data per Apple's terms |
| Google LLC (Sign in with Google) | Authentication | Email address, display name (only on sign in) |
| Google LLC (Gemini API, paid tier) | AI features (chat, photo care notes, breed ID, food reference lookup, care note summaries) | User prompts, selected pet photos, pet context — only when you trigger an AI feature |
| Google LLC (Places API, Maps, Environment APIs) | Vet locator, place search, air quality, pollen, UV data | Approximate location during request (not stored) |
| Supabase Inc. (hosted on AWS) | Authentication, waitlist, edge functions, account data, AI usage/safety logs | Email, display name, user ID, transient IP for request lifecycle, AI usage/output data described in Section 5 |
| Apple App Store / Google Play (billing) | Subscription and in-app purchase processing (Google Play applies to the Android version, in development) | Purchase and subscription status per the store's terms; we do not receive your full payment-card details |
| Cloudflare, Inc. | Website hosting (Pages), CDN for editorial assets (R2 — images.petcapsule.app), DDoS protection | Transient IP at edge for the request lifecycle; not used for tracking or profiling |
| Moxie Observe (Securight) | Cookie-free product and web analytics, error tracking, performance metrics | Event names, page path, anonymised user identifier, error stack traces. No PII payload; IP is processed transiently for geolocation aggregation only. |
| Self-hosted Supabase analytics | Edge analytics for waitlist + page views | Page path, referrer, screen width, UTM, approximate country (no cookies, no cross-site identifiers) |
| Brevo SAS (formerly Sendinblue, EU) | Transactional emails (waitlist welcome, account), CRM | Email address, referral code, signup date, UTM attribution |
Note on Google Gemini (paid tier): Pet data sent to the Gemini API for AI features is processed under Google's paid API terms and is not used to train Google's models. Data is sent only when you explicitly trigger an AI feature, and the App routes all calls through our secure server-side proxy (a Supabase Edge Function) so the App never communicates directly with Google. We do not send financial data, vault documents, or personal identity information to Gemini.
Note on Brevo: When you join our waitlist, your email address and referral information are sent to Brevo (EU) for sending welcome emails and managing our contact list. Brevo processes data per their privacy policy. You can unsubscribe from emails at any time using the link in any email we send.
Note on Moxie Observe: Moxie Observe is our own first-party observability platform (also operated by Securight). It captures anonymous product and web analytics, error reports, and performance metrics. It does not set cookies, does not perform cross-site tracking, and does not receive PII payloads. Data is processed in Australia/US Cloudflare regions and retained for 90 days.
9.1 Editorial Content & AI Assistance
The Website hosts an editorial library (breed guides and a general care library). Drafts of this editorial content are often prepared with AI assistance (currently Anthropic Claude and Google Gemini) and reviewed against authoritative veterinary references before publication. This is unrelated to the AI features inside the App, which process your pet's data only when you trigger them.
No personal data is sent to AI models when you read editorial content. The editorial pages are static HTML served from Cloudflare. Read our Editorial Policy for the full process, sources, and how to report a correction.
10. Automated Decision-Making
Pet Capsule uses AI-powered features that involve automated processing of pet-related data (photo care notes, breed identification, care note summaries). Important clarifications:
- These features involve automated processing of pet data only — not profiling of humans
- No automated decisions are made that produce legal effects or similarly significant effects on you as a person
- AI results are presented as suggestions only — you always have final decision-making authority
- You can choose not to use AI features at any time without losing access to core app functionality
11. Data Retention
| Data Type | Retention Period |
|---|---|
| Waitlist signups | Until app launch + 90 days, or until you request deletion |
| App account data | Until you delete your account |
| On-device pet data | Until you delete it from the app or uninstall |
| Anonymous usage analytics | 90 days, then automatically purged |
| Error/crash reports | 30 days, then automatically purged |
| AI output logs | 30 days, then automatically purged |
| AI usage logs | 90 days, then automatically purged |
| AI feedback/corrections | 90 days, then automatically purged unless needed for abuse investigation |
| AI safety/abuse signal logs | 180 days, then automatically purged. Contains category labels only (e.g. "safety_filtered", "injection_rejected"), never prompt text. |
| Website analytics (self-hosted) | Aggregated indefinitely (no personal data) |
| Browser localStorage | Until you clear your browser data |
12. Your Rights
12.1 All Users
Regardless of your location, you can:
- Access your personal data — request a copy of what we store
- Correct inaccurate data
- Delete your account and all associated data
- Export your pet data from the App (PDF, CSV, or JSON)
- Unsubscribe from marketing emails at any time
- Clear browser localStorage via your browser settings
- Opt out of AI features without losing core app functionality
12.2 European Economic Area & UK (GDPR)
Where the GDPR applies to you, you additionally have the following rights. Where it does not strictly apply, we may still voluntarily honour equivalent requests as a matter of good practice:
- Withdraw consent at any time (without affecting prior processing)
- Restrict processing of your data
- Object to processing based on legitimate interest
- Data portability — receive your data in a structured, machine-readable format
- Lodge a complaint with your local Data Protection Authority
- Information about automated processing — request meaningful information about AI logic used in our features
To exercise any GDPR right, email [email protected]. We will respond within 30 days.
12.3 California Residents (CCPA/CPRA)
Where the CCPA/CPRA applies to you as a California resident, you have the following rights; where it does not strictly apply, we may still voluntarily honour equivalent requests:
- Right to Know — request disclosure of what personal information we collect, use, and share
- Right to Delete — request deletion of your personal information
- Right to Correct — request correction of inaccurate personal information
- Right to Opt-Out of Sale/Sharing — we do not sell or share personal information for cross-context behavioural advertising
- Right to Limit Use of Sensitive Information — we do not use sensitive personal information beyond what is necessary to provide our services
- Right to Non-Discrimination — we will not discriminate against you for exercising your rights
Do Not Sell or Share My Personal Information: Pet Capsule does not sell your personal information. We do not share personal information for cross-context behavioural advertising. No opt-out is required because no sale or sharing occurs.
To exercise any CCPA right, email [email protected]. We will verify your identity and respond within 45 days.
12.4 Australian Privacy Act
Pet Capsule aims to handle personal information consistently with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), where applicable and practicable. As a small business operator, we may be exempt from certain APP obligations, but we aim to follow the APP principles as a matter of good practice:
- APP 1 (Open & transparent) — This privacy policy describes our data handling practices
- APP 2 (Anonymity) — You can use core app features without providing your real name
- APP 3 (Collection) — We only collect personal information reasonably necessary for our functions
- APP 5 (Notification) — We notify you at the point of collection about how your data will be used
- APP 6 (Use & disclosure) — We use your data only for the primary purpose for which it was collected
- APP 8 (Cross-border disclosure) — Data may be processed outside Australia by our infrastructure providers (Supabase, on AWS) and by Google (AI features). We ensure appropriate safeguards are in place
- APP 11 (Security) — We take reasonable steps to protect your data from misuse, interference, and loss
- APP 12 (Access) — You can request access to your personal information at any time
- APP 13 (Correction) — You can request correction of inaccurate personal information
To exercise any rights under the Australian Privacy Act, email [email protected].
13. Data Breach Notification
In the unlikely event of a data breach that is likely to result in serious harm:
- GDPR (EU/UK): We will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay where the breach poses a high risk to their rights and freedoms
- Australian NDB Scheme: We will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable, and in any event within 30 days of becoming aware of the breach
- CCPA (California): We will notify affected California residents in the most expedient time possible and without unreasonable delay
- All users: We will notify you via email and/or in-app notification, explaining what happened, what data was affected, and what steps we are taking
14. International Data Transfers
Your data may be processed outside your country of residence — including by our infrastructure providers (Supabase, hosted on AWS) and by Google (for AI features), which may operate data centres in various regions. We ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) where required by GDPR
- Supabase and Google's compliance with applicable data protection frameworks
- Encryption in transit (TLS) and at rest for all server-side data
15. Children's Privacy
The Pet Capsule App is intended for adults aged 18 or older and is not directed at, or designed for, children. Waitlist signup and App account creation are restricted to users who are at least 18 (and who are not residents of the United States or Canada at launch). We do not knowingly collect personal information from anyone under 18. If we become aware that we have collected personal information from a person under 18, we will delete it promptly. Contact us at [email protected] if you believe someone under 18 has provided us with their data.
16. Changes to This Policy
We may update this policy from time to time. For significant changes, we will notify you via email (for account holders) or a prominent notice on the Website at least 30 days before the changes take effect. The "Last updated" date at the top will always reflect the latest revision.
17. Contact Us
For any privacy questions, data requests, or concerns:
- Privacy & data requests: [email protected] (subject line: "Privacy")
- General enquiries: [email protected]
- Postal: SECURIGHT PTY LTD, 43 Sanctum Drive, Weir Views, VIC 3338, Australia