Health Data Privacy Notice
Working version · last updated June 20, 2026
This notice supplements our Privacy Policy and describes how VetsApp handles health data — your pet’s health information, and any information about your own health you choose to share. We apply the protections in this notice to all users, regardless of state.
1. Health data we collect
- Pet health data: your pet’s signalment (species, breed, age, sex), conditions, symptoms and observations you report, medications, vaccination status, lab and diagnostic results, and the content of records you upload — plus structured data our AI extracts from those records.
- Your health data, if you share it: some consultations touch your own health (for example, asking whether a pet’s condition is transmissible to a person in the household with a health condition). Anything you tell us about your own health is consumer health data under this notice.
- Inferences: information the Service derives from the above in order to provide triage and summaries (for example, an urgency assessment).
We do not collect biometric data about you, and we do not use geofencing of any kind around health-care facilities (or at all).
2. Sources
Health data comes from: you (what you type, select, or narrate); documents you upload; and processing we perform on those inputs (AI parsing and assessment). If a veterinarian or other professional contributes to your pet’s record through an access grant, their contribution is marked with its origin.
3. Why we collect it
Solely to provide the Service to you: conducting consultations, assessing urgency, parsing and organizing records, maintaining your pet’s longitudinal health record, generating summaries and views you request, and sharing with parties you authorize. We also process data as needed for security, legal compliance, and support.
We do not collect or use health data for advertising. We do not sell health data. Any future de-identified research program would be strictly opt-in, off by default, separately consented, and declining would never affect your access to care.
4. Who receives it
- Third parties you direct: veterinarians, clinics, boarding facilities, or others you grant access — per the scope and duration you set.
- Processors: the vendors that run the Service — cloud compute/storage (Cloudflare), database/authentication (Supabase), AI providers (Anthropic, OpenAI, and/or Google, via Cloudflare’s AI gateway) — each bound to process data only to provide its service to us.
- Legal: disclosures required by law or to protect rights and safety.
No affiliates exist; if that changes, this notice will be updated before any sharing occurs.
5. Your rights
For health data covered by this notice, you may:
- Access the health data we hold, including a list of third parties with whom it has been shared at your direction;
- Withdraw consent to our collection or sharing of your health data going forward;
- Delete your health data (subject to the narrow, named exceptions in Privacy Policy §6 — legal retention, security, and content already shared at your direction — and with deletion propagated to our processors);
- Appeal a refusal to act on a request, and contact your state attorney general if the appeal fails.
To exercise any right: [email protected]. We verify identity before acting and respond within 45 days.
6. Changes and contact
Material changes to this notice are announced at least 30 days in advance and never applied retroactively to reduce protections without your consent.
[email protected]. A mailing address will be provided once our company is formed.