Privacy Policy
Last updated: April 13, 2026
1. Data We Collect
- Account information (email address)
- Dog profiles (name, breed, age, weight, sex, photo)
- Health records (medications, vaccinations, vet visits, health conditions, allergies, insurance, diet plans)
- Vet contact information (name, clinic, phone, email)
- Chat conversations with Hazel (your messages and Hazel's responses)
- Images you upload for AI analysis (vet records, vaccination cards, photos)
- Behavior logs, mood entries, and training session data
- Device push notification tokens
- Subscription status and billing tier (no payment card details)
- Usage data (message counts, feature usage)
2. How We Use Your Data
- Provide and improve the Romp service
- Power Hazel's AI responses with your dog's health context
- Send health reminders and, for Plus users, proactive insight notifications
- Detect health patterns over time
- Analyze anonymized, aggregate usage trends to improve the service
- Train and improve our own AI models using anonymized data to provide better insights for all users
3. AI Processing
Your dog's health data, conversation messages, and uploaded images are sent to our AI provider's API to generate Hazel's responses. We may also use anonymized conversation data and health records to train and improve our own AI models, in order to provide better, more accurate insights for all users. We may change AI providers; data sent to third-party AI providers is handled according to the provider agreement, configuration, and applicable provider policies in effect at the time of processing.
Your data is never sold to third parties for their own model training.
4. Data Storage & Retention
Your data is stored securely on Supabase. All data is encrypted in transit (TLS) and at rest (AES-256). Row-level security ensures you can only access your own data.
Active accounts: We retain your data for as long as your account is active.
Deleted accounts: When you request account deletion, your account enters a 30-day grace period during which you can cancel the deletion by signing back in. After 30 days, your personal data is permanently removed (see Section 7 for details on what is retained in anonymized form).
Financial records: Subscription and payment records are retained in anonymized form (with your user identifier removed) for up to 7 years to comply with tax and accounting laws.
Audit trail: We maintain a cryptographically hashed record of deletion requests (no personal data) for up to 3 years to demonstrate compliance with data protection laws.
5. Data Sharing
We do NOT sell, rent, or share your personal data or your dog's health information with third parties for marketing purposes. Data is shared only with the following service providers, solely to operate Romp:
- Our AI provider (to generate Hazel's responses, as described in Section 3)
- Supabase (database and file hosting)
- RevenueCat (subscription, web billing, and purchase verification — receives your anonymous user ID and subscription status)
- Expo (push notification delivery — receives your device token)
- Apple App Store, Google Play Store, or RevenueCat Web Billing (payment processing — handles billing directly; we never see your payment card details)
6. Device Permissions
Romp may request access to:
- Camera and photo library (to upload dog photos and documents for AI analysis)
- Push notifications (for medication reminders, health alerts, and Plus proactive insights)
You can revoke these permissions at any time in your device settings.
7. Data Export & Deletion
Export: You can export all your data at any time from Profile → Account → Export Data.
Delete (in-app): You can request deletion from Profile → Account → Delete Account. Deletion follows a 30-day grace period before your data is permanently removed. To cancel, sign back into the app within the grace period.
Delete (web): You can also request account deletion from the web at romp.pet/delete-account without installing the app.
What is permanently deleted after 30 days:
- Chat conversations with Hazel and AI history
- Notification preferences and push tokens (push tokens are deleted immediately)
- Your profile
- Dog profiles, health records, vet visits, treatments, and uploaded documents that belong only to your account
- Shared-household dog records may remain available to remaining account members
- Account and household memberships
What is anonymized and retained (no longer linked to you):
- Bug reports and feature requests you submitted (content only, to improve the product)
- Aggregated usage metrics (message counts, feature usage) for cost and capacity analysis
- Financial transaction records for tax compliance (retained up to 7 years as required by law)
Anonymized data is no longer considered personal data under GDPR, CCPA, PIPEDA, and similar laws because it cannot be linked back to you.
8. Push Notifications
We send push notifications for medication reminders, vaccination alerts, and, for Plus users, proactive check-ins and pattern alerts. You can control which notification types you receive and set quiet hours in Profile → Notifications.
9. Your Rights
Depending on your location, you may have the following rights:
- Right to access your data (available via Export)
- Right to delete your data (available via Delete Account; subject to the retention rules in Section 7)
- Right to correct your data (edit your dog's profile or health records anytime)
- Right to data portability (available via Export in JSON format)
- Right to opt out of non-essential data processing
- Right to cancel a pending deletion (sign back in within 30 days)
California residents (CCPA/CPRA): You have the right to know what personal information we collect, request deletion, correct inaccurate information, and opt out of the sale or sharing of personal information. We do not sell or share personal information. Retention of anonymized records is permitted under CCPA exceptions for transactions, security, and legal compliance.
EU/EEA/UK residents (GDPR): Our legal bases for processing are (a) performance of the contract you entered into when creating an account, (b) legitimate interest in improving the service via anonymized analytics, and (c) legal obligation for financial record retention. Anonymized records are no longer personal data under GDPR Article 4 and are outside the scope of erasure rights.
Canadian residents (PIPEDA): We destroy personal information when it is no longer needed for the purposes it was collected, subject to legal retention obligations.
Brazilian residents (LGPD): You have rights equivalent to those under GDPR. Anonymized data is outside the scope of LGPD per Article 12.
To exercise any of these rights, contact us at the address in Section 11.
10. Children's Privacy
Romp is not intended for use by children under 13. We do not knowingly collect data from children.
11. Contact
For privacy questions, data requests, or concerns: romp.pet@outlook.com