Legal
Security
Last updated: 18 July 2026
Your dog's life is personal, so we treat your data that way. Here is how we protect it, in plain terms. This page describes how the product is built today, and we update it as our practices change.
Encryption
- All traffic between the app and our servers is encrypted with TLS in transit.
- Your data is encrypted at rest by our hosting provider.
Access control
- Database access is gated by Postgres row-level security policies, so you can only ever read your own rows and those of the household you share a dog with.
- Authentication uses signed JWT tokens with a short expiry.
- We follow least-privilege access internally, and only handle your data to run and support the service.
Secrets and keys
API keys and secrets are stored server-side only and are never shipped inside the app. Calls to AI and other providers are made from our backend, so credentials never reach your device.
How your data is used with AI
AI features send your content to trusted providers only to answer you. Under our agreements with them, they do not use your data to train their own models. The full detail, including which providers and which data, is in our Privacy Policy and Subprocessors pages.
Data location and deletion
Your account and your dog's data are hosted in the EU. When you delete your account from Settings, we hard-delete your profile, dogs, photos, logs, voice recordings, and chat history. Most of it goes immediately, and encrypted cold backups age out within 30 days. See the Privacy Policy for the full retention detail.
Reporting a vulnerability
If you believe you have found a security issue, we want to hear from you. Email hello@petverseapp.com with “Security” in the subject line, and include enough detail for us to reproduce it. Please give us a reasonable chance to fix the issue before disclosing it publicly, and do not access or modify data that is not yours while testing. We are grateful for responsible disclosure and will keep you updated.