Last updated: May 18, 2026 · Policy version 2026.05.18 (must match in-app version stamp)
We collect the following categories of information:
Account information. When you create an account, we collect your name, email address, username, and password (stored only as a bcrypt hash — never in plain text).
Pet information. Details about your pets that you enter, including name, species, breed, birthday, weight, photo, microchip number, primary vet, and similar identity data.
Health data. Vaccination records, medication entries, weight logs, vet visit notes, uploaded vet PDFs and documents, and other health-related information you enter or import.
Location data. If you enable location for the Lost Pet Pass or any other feature, we collect the pet's most recent GPS coordinates so they can be displayed on the Lost Pet Pass and associated lost-pet page. We do not perform continuous background tracking of you or your pet.
Anonymous Bluetooth sighting network ("ZeroPets Network"). If you opt in to the ZeroPets Network in Settings, your device will (a) advertise a rotating, anonymous Bluetooth identifier when one of your pets is in the "Missing" state, and (b) listen for similar anonymous identifiers broadcast by other ZeroPets users. When your device hears a beacon associated with a pet that another user has marked as missing, the App records a sighting consisting of: a coarsened location, a timestamp, and the anonymous beacon identifier. Sightings are uploaded to ZeroPets, attributed to the missing pet's owner, and never linked to your account or device in any user-facing surface. You can disable the network at any time in Settings, which immediately stops both broadcasting and listening. The legal basis is your opt-in consent; you can withdraw consent by toggling the feature off or by deleting your account.
Push notification tokens. When you grant notification permission, your device provides Apple-issued push tokens that we store and use to deliver Lost Pet Live Activity updates, neighborhood lost-pet alerts, health reminders, and partner offers you have opted into. Tokens can be revoked at any time from iOS Settings or by toggling notifications off in the App.
Third-party GPS tracker integration (Tractive). If you connect a Tractive GPS collar, we store the credentials needed to query Tractive's API on your behalf, your tracker identifier, and the position fixes we retrieve (latitude, longitude, accuracy, battery level, and timestamp). We poll Tractive on a fixed interval, and only while you have an active connection. We do not sell, share, or use Tractive position data for any purpose other than displaying it to you, populating your Lost Pet Pass, and triggering geofence alerts you have configured. You can disconnect at any time, which deletes the stored credentials and stops further polling. Tractive's own privacy policy governs Tractive's processing of your data on its platform.
Finder-submitted sighting reports. When a member of the public uses your pet's public lost-pet page to report a sighting, we store the location they pin on the map, any photo or note they submit, and the contact information they choose to provide. This information is shown to you on your sightings map and is retained for the lifetime of the lost-pet alert plus a reasonable period afterward for your reference. We do not require finders to create an account; if a finder provides contact information, it is processed to help reunite you with your pet and is not used for marketing.
Apple Wallet pass data. When you add a pass to Apple Wallet, we generate and store: pass serial numbers tied to your account and pet; Apple-issued push tokens for the devices you have installed the pass on (so we can deliver updates via APNs); and a record of pass installation, update, and removal events reported by Apple.
Lost-pet scan data. When a member of the public scans your pet's collar QR or visits the pet's lost-pet page while it is in the "Missing" state, we may log the timestamp, approximate IP-derived geolocation, and user-agent of that scan. We use this to give you a best-effort "last scanned at" timeline.
Sitter Pass sharing data. The contact identifier (such as a phone number or email) of any caregiver you share a Sitter Pass with, and the active/revoked status of each pass you have issued.
Rescue and adoption data. If you operate a verified rescue, the organization data needed to verify your IRS 501(c)(3) status, your listings, and adoption inquiries you receive. If you submit an adoption inquiry, the answers and contact information you provide.
Submitted content. Pet profiles, photos, uploaded vet records, lost-pet listings, rescue listings, and inquiry messages.
Usage data. First-party analytics events (screen views, feature usage, interactions) used to improve the App.
Device information. Device type, operating system, app version, and similar diagnostic data for compatibility and troubleshooting.
We use the information we collect to:
To deliver self-updating Wallet passes, we operate a PassKit Web Service. When you add a pass, your iPhone registers the pass with our service and provides a per-device push token. We use that token to send "pass updated" notifications through Apple Push Notification service (APNs); your device then fetches the new pass content from us. We share with Apple only the technical metadata necessary for APNs delivery (device push tokens and pass identifiers). Apple's handling of those tokens is governed by Apple's privacy policy.
Apple Wallet passes display data on your iPhone lock screen, including data that may be visible without unlocking the device. You control which passes are added to your device and can remove a pass at any time from Apple Wallet.
Read this section carefully. When you mark your pet as missing in the App, ZeroPets intentionally publishes the following information so that anyone who finds your pet can contact you:
This information is accessible without authentication to anyone who scans the QR code on your pet's collar tag or who knows the pet's lost-pet URL. It may be cached, indexed, screenshotted, or archived by third parties beyond our control. You can deactivate the public Lost Pet Pass at any time, but we cannot guarantee removal of cached or copied data outside the Service. We recommend using a phone number you are willing to make public for this purpose.
While the pass is active in the "Missing" state, we log basic technical information about each scan of the QR — timestamp, IP address (and the approximate city-level geolocation we derive from it), and user-agent string — so we can show you a best-effort scan timeline and protect against abuse. We do not ask finders to identify themselves and do not associate this scan telemetry with a finder's account or other identifiers we hold. Under the GDPR, UK GDPR, CCPA/CPRA, and similar laws, IP addresses and user-agent strings can constitute personal data or personal information about the finder. We process this telemetry on the legal bases of (i) our legitimate interest in helping you recover your pet and securing the Service against abusive scanning, and (ii) where applicable, the finder's implied consent in choosing to scan a publicly-posted lost-pet QR. We retain this scan telemetry only for as long as needed to serve the scan timeline and abuse-prevention purposes (and in any event no longer than 12 months), after which it is deleted or aggregated. Finders located in regions with applicable privacy rights may exercise those rights by emailing ZeroPets@Outlook.com.
When you issue a Sitter Pass to a caregiver, the recipient can view (and may save to their device) the pet information you have placed on the pass — typically feeding schedule, medications, vet contact, emergency contact, and an embedded Lost Pet QR. We send the pass to the contact identifier you provide (such as phone or email). You control the pass's content and can revoke it at any time. Revocation prevents future updates and removes the live pass, but does not recall information the recipient has already viewed, screenshotted, or copied.
If you operate a rescue organization, we collect the public organization data needed to verify your IRS 501(c)(3) status (using the IRS Tax Exempt Organization Search and similar public sources). When you publish an adoption listing, the listing content (pet photos, story, medical notes, behavior tags) is shown to potential adopters. When an adopter submits an inquiry, their contact information and answers are shared directly with your rescue.
If you complete an adoption through the Adopter Welcome Kit handoff, the rescue may transfer the pet's basic profile (name, species, breed, photo) and a primed Apple Wallet pass to the adopter's ZeroPets account. The adopter then controls that profile. The transferring rescue retains a record of the transfer for audit purposes.
We use third-party AI providers (currently OpenAI) to power features including wellness plans, vet PDF parsing, symptom analysis, breed identification, food safety scanning, health reports, photo analysis, and content moderation. When you use an AI feature, only the data necessary for that request — for example, the contents of the vet PDF you uploaded, the symptoms you described, or the photo you submitted — is sent to the AI provider for processing. We do not authorize the AI provider to use your data to train their general models. AI providers handle data according to their own privacy policies, which we have reviewed for suitability. AI processing is performed on demand and the AI provider does not retain your data beyond the limited retention required for abuse monitoring under their data processing agreement with us.
Your data is stored in secure PostgreSQL databases hosted by trusted infrastructure providers under confidentiality agreements. Passwords are hashed using bcrypt and never stored in plain text. Authentication is handled using JSON Web Tokens (JWT). We use TLS for data in transit, role-based access controls, audit logging for sensitive actions, and regular security reviews. While we strive to protect your data, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.
We do not sell your personal data. We share data only in the following circumstances:
You have the right to:
If you are located in the European Economic Area, the United Kingdom, or California, you may have additional rights under the GDPR, UK GDPR, or CCPA/CPRA, including the right to object to processing, the right to data portability, the right to know what personal information is collected, the right to non-discrimination for exercising your rights, and the right to lodge a complaint with a supervisory authority. To exercise these rights, contact us at ZeroPets@Outlook.com.
We retain your data for as long as your account is active. When you delete your account, we will delete your personal data within 30 days, except where retention is required by law, for fraud prevention, or for the integrity of pending Lost Pet, Sitter, or rescue/adoption transactions. Wallet pass technical metadata necessary for the proper operation of in-flight passes may be retained until those passes are uninstalled from devices. Aggregated, non-identifiable analytics data may be retained indefinitely.
You must be at least 18 years of age to use ZeroPets. By using the Service, you represent and warrant that you are at least 18 years old. We do not knowingly collect personal information from anyone under 18. If we become aware that a person under 18 has provided us with personal information, we will take steps to delete such information. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at ZeroPets@Outlook.com.
The App uses local storage (AsyncStorage) and Apple's recommended secure storage to store your preferences, authentication tokens, and cached data on your device. We collect first-party analytics events (screen views, feature usage, interactions) to understand how the App is used and to improve the experience. This data is sent to our own servers only and is not shared with advertising networks.
You can opt out of analytics at any time by going to Account → Privacy → App Analytics and turning off the toggle. When opted out, no usage events will be recorded or transmitted from your device.
We do not use third-party advertising trackers, do not allow third parties to set advertising identifiers through the App, and do not share analytics data with any external parties other than infrastructure providers under confidentiality agreements.
Your data may be processed and stored in countries other than your own, including the United States. We rely on appropriate safeguards for international data transfers, including Standard Contractual Clauses where required by applicable law. By using the Service, you consent to the transfer of your data to the United States and other jurisdictions where our infrastructure and AI providers operate.
We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or by email. Your continued use of the Service after changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.
If you have questions or concerns about this Privacy Policy or your data, please contact us through the Help & Support section in the App or email us at ZeroPets@Outlook.com.