Privacy Policy

Last updated: May 2026  |  Effective: May 2026

1. Introduction

PetPetumMobile ("the App", "we", "our") is developed and operated by Mateusz Sobstyl ("Developer"). This Privacy Policy explains how we collect, use, store, and protect information when you use PetPetumMobile on Android and iOS devices.

By using the App you agree to the practices described in this policy. If you do not agree, please discontinue use of the App.

2. Information We Collect

2.1 Information You Provide

• Account data — email address and password when you register or sign in via Firebase Authentication (Google or Apple sign-in).
• Pet data — name, species, breed, date of birth, weight, photos, health records, vaccination history, medications, vet contacts, and expenses you enter for your pets.
• Photos — images you capture with the camera or select from your photo library for your pet profiles.

2.2 Information Collected Automatically

• Location (When In Use) — approximate or precise location used solely to display nearby veterinary clinics on the map. Collected only while the App is open and only when you use the map feature. We do not collect location in the background.
• Device / advertising identifiers — used by Firebase and by Google AdMob for analytics and advertising purposes. Advertisements are shown only to free-tier users; Premium subscribers see no ads. Within the European Economic Area we request your consent (via Google's consent management) before serving personalised ads, and you may opt out of personalised ads at any time.
• Crash reports — anonymised crash and performance data collected via Firebase Crashlytics to improve stability.
• Usage analytics — aggregate usage statistics via Firebase Analytics to understand feature adoption.

2.3 In-App Purchase Information

Premium subscriptions are processed by Google Play or the Apple App Store. We do not receive or store your payment card details. We receive only a confirmation of purchase status from the platform.

3. How We Use Your Information

• Provide and maintain the App's core functionality (pet records, reminders, health tracking).
• Sync your data across devices via Firebase Firestore (optional, requires sign-in).
• Show nearby veterinary clinics using your current location (on-demand).
• Process and verify premium subscription status.
• Analyse crash reports to fix bugs and improve the App.
• Display advertisements to free-tier users (Premium subscribers see no ads); you may opt out of personalised ads.

Legal basis (GDPR Art. 6): we process your data on the following bases: performance of a contract (account, cloud sync, subscription verification); your consent (location, personalised advertising, optional analytics), which you may withdraw at any time; and our legitimate interests (crash reporting and security, to keep the App stable and safe).

4. Data Storage

Local storage: All pet data is stored locally on your device using an encrypted database (Hive with AES-256 encryption). Data is never transmitted without your explicit action (e.g. enabling cloud sync).

Cloud storage: If you enable cloud sync, data is stored in Google Firebase Firestore (region: EU or US, depending on project configuration). Firebase is operated by Google LLC. For details see Firebase Privacy.

International transfers: some of our processors (Google / Firebase, RevenueCat) are based in the United States, so your data may be transferred to and processed outside the European Economic Area. Such transfers rely on appropriate safeguards, such as the European Commission's Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework.

5. Third-Party Services

• Firebase (Google LLC) — Authentication, Firestore, Storage, Crashlytics, Analytics. Google Privacy Policy.
• Google AdMob — advertising SDK shown to free-tier users. May use device / advertising identifiers for ad delivery and personalisation. Personalised ads in the EEA require your consent; you can opt out via the in-app consent prompt or your device settings. AdMob & privacy.
• RevenueCat — manages Premium subscription status. Receives an anonymous app user identifier and purchase status (no payment card data). RevenueCat Privacy.
• Google Play / Apple App Store — in-app purchase processing.
• OpenStreetMap / Nominatim / Overpass — map data and vet clinic locations (no personal data sent, only coordinates).

6. Pet Sharing Between Users

The App lets you share a pet with another user (for example a family member or your veterinarian) by email invitation or by a QR code / invite link. When you share a pet, the invited user can view that pet's data on their own account, limited to the access level you choose (for example, a veterinarian role can view only medical records such as visits, vaccinations, medications, blood tests, and weight). You decide whom to invite and you can revoke access at any time. You are responsible for choosing whom you grant access to, and we are not responsible for how an invited user handles data you have shared with them. Sharing requires cloud sync (Firebase) to be enabled.

7. Your Rights (GDPR)

If you are in the European Economic Area (EEA), you have the following rights:

• Right of access — request a copy of all personal data we hold about you.
• Right to erasure — request deletion of all your data (see Account Deletion Policy).
• Right to portability — receive your data in a machine-readable format.
• Right to rectification — correct inaccurate or incomplete data.
• Right to restrict processing — limit how we use your data.
• Right to object — object to processing for direct marketing.

To exercise any of these rights, contact us at mateusz33825@gmail.com. We will respond within 30 days.

8. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know — the categories and specific pieces of personal information we have collected about you.
• Right to delete — request deletion of personal information we have collected from you.
• Right to opt out of sale — we do not sell your personal information to third parties. If this changes, we will update this policy and provide an opt-out mechanism.
• Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights.

To submit a CCPA request, email us at mateusz33825@gmail.com.

9. Data Retention

Local data is retained until you delete it or uninstall the App. Cloud data (Firebase) is retained until you delete your account. After account deletion, data is permanently removed within 30 days from Firebase servers.

10. Children's Privacy

The App is not directed to children under 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us at mateusz33825@gmail.com and we will delete it promptly.

11. Security

We implement industry-standard security measures including AES-256 encryption for local data, TLS encryption for data in transit, and secure key storage. However, no method of electronic storage or transmission is 100% secure.

Data breach notification: in the event of a personal data breach likely to affect you, we will notify the competent supervisory authority (in Poland, the President of the Personal Data Protection Office, UODO) without undue delay and where feasible within 72 hours, and we will inform affected users without undue delay when the breach is likely to result in a high risk to their rights (GDPR Art. 33-34), together with the steps taken to mitigate it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the App after changes constitutes acceptance of the new policy.

13. Contact

If you have questions about this Privacy Policy or wish to exercise your rights, contact:

Mateusz Sobstyl
Email: mateusz33825@gmail.com