Privacy Policy

1. Introduction

PawPass (hereinafter "we", "us", or "our") operates the website pawpass.rs and the PawPass mobile application (hereinafter the "Platform"). This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our Platform. By using our Platform, you consent to the collection and use of information in accordance with this policy. If you do not agree with these terms, please do not use our Platform.

2. Data We Collect

We collect the following categories of data:

• Personal data – full name, email address, phone number, profile photo, password (encrypted)
• Pet data – name, type, breed, weight, date of birth, city, gender, allergies, photos, QR code/NFC tag identifiers
• Usage data – IP address, browser type, operating system, pages visited, access times, Platform interaction data
• Location data – when using the find-my-pet feature, we collect the finder's location data
• Payment data – payment processing is handled by Stripe Inc. We do not store credit card numbers or bank account details on our servers

3. How We Use Your Data

We use your data for the following purposes:

• Providing and maintaining our services – account management, reservations, subscriptions, QR tag functionality
• Communication – sending reservation confirmations, status notifications, system alerts
• Pet safety – enabling finders to contact owners via QR code/NFC tag
• Service improvement – analyzing Platform usage to enhance user experience
• Legal obligations – fulfilling legal requirements and resolving disputes
• Marketing – sending promotional offers and discounts (only with your explicit consent)
• Customer support – responding to your questions and requests through the feedback system

4. Legal Basis for Processing

We process your data based on the following legal grounds:

• Performance of a contract – processing is necessary to provide the services you requested (account, reservations, subscriptions)
• Consent – for sending marketing communications and using non-essential cookies
• Legitimate interest – for improving our services, fraud prevention, and ensuring Platform security

5. Sharing Data with Third Parties

We share your data with the following categories of recipients:

• Partners (service providers) – when you make a reservation, the partner receives your name, contact details, and pet information necessary to provide the service
• Payment processors – Stripe Inc. processes all transactions in compliance with PCI DSS standards
• Authentication providers – Google, Apple, and Facebook when you use social login
• Analytics services – we use PostHog for Platform usage analytics to improve our services

6. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the Platform, remember your preferences (including language settings), provide analytics, and improve user experience. Essential cookies are required for basic Platform functionality and cannot be disabled. Analytics cookies help us understand how you use the Platform. You can manage cookie settings through your browser.

7. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law. When you delete your account, your personal data will be deleted or anonymized within 30 days, except for data we are legally required to retain.

8. Your Rights

Under applicable data protection laws, you have the following rights:

• Right of access – you have the right to request a copy of your personal data that we process
• Right to rectification – you have the right to request correction of inaccurate data
• Right to erasure – you have the right to request deletion of your data under certain conditions
• Right to data portability – you have the right to request transfer of your data in a structured, machine-readable format
• Right to object – you have the right to object to processing of your data based on legitimate interest
• Right to withdraw consent – where processing is based on consent, you have the right to withdraw it at any time

9. Data Security

We implement appropriate technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction. This includes data encryption in transit (SSL/TLS), password hashing, regular security audits, and restricted access to personal data. However, no method of data transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

Our Platform is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete that data.

11. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. We will notify you of significant changes via email or a notice on the Platform. We recommend that you periodically review this page. Continued use of the Platform after changes constitutes your acceptance of the updated policy.

12. Contact

If you have questions about this Privacy Policy or wish to exercise your data protection rights, contact us at: PawPass Email: office@pawpass.rs Website: https://pawpass.rs