Last updated: July 05, 2026
For the purposes of these Terms of Service, the following terms shall have the following meanings:
Last updated: July 05, 2026
This Privacy Policy explains how we process the personal data of individuals using the Dog&Care mobile application and of individuals contacting us in connection with the operation of the application. Dog&Care respects the privacy of Users and exercises due diligence to ensure that personal data is processed lawfully, fairly, transparently, and securely. In connection with the processing of personal data, we apply appropriate technical and organizational measures to protect data, ensure the confidentiality of information, and prevent unauthorized access to data.
The Dog&Care application is a mobile application supporting dog caregivers in day-to-day care. In particular, the application enables users to maintain a dog profile, perform daily check-ins, use a care calendar, set reminders, track walk time, browse educational articles, and receive reports generated by the algorithmic assistant Assol. Assol uses the Dog&Care knowledge base and large language model technology, i.e. AI. Report content generated by Assol is informational and educational in nature. It does not constitute veterinary advice, a diagnosis, treatment recommendations, or a substitute for consultation with a veterinarian.
The application is educational, informational, and organizational in nature. It is not a diagnostic tool, is not used to treat animals, and does not replace consultation with a veterinarian. The Dog&Care application is intended for adults, or for individuals using it with the consent and under the supervision of a parent or legal guardian. The application is not directed at children as independent users.
Data concerning the dog, including dog profile data, check-ins, symptoms, activities, and information entered into the application, does not constitute health data of a natural person within the meaning of the GDPR, unless it relates to human health. However, it may constitute personal data if it is linked to a User's Account or allows the User to be indirectly identified.
The User should not enter into the application special categories of data concerning themselves or other persons, in particular data concerning human health, racial or ethnic origin, political opinions, religious beliefs, biometric data, data concerning sexuality, or other sensitive data, unless this is necessary to use the application.
This Privacy Policy contains information, in particular, on:
The processing of personal data is carried out in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, hereinafter referred to as the "GDPR", and other applicable legal provisions.
The controller of personal data processed in connection with the use of the Dog&Care application is Hanna Katsko, residing at Diamentowa 50, Ożarów Mazowiecki, Poland, hereinafter referred to as: "Dog&Care", "Administrator" or "we".
The Controller may be contacted regarding all matters relating to the protection of personal data:
If the Controller appoints a data protection officer, their contact details will be made available in the application and in this Privacy Policy.
In connection with the use of the Dog&Care application, we may process the following categories of personal data:
1. Account and login data. We process data necessary to create an Account, log in, and use the application, in particular:
2. Data concerning the dog's profile. We may process data entered by the User in the dog's profile, in particular:
3. Data concerning the use of the application's functions. We may process data related to the User's activity in the application, in particular:
4. Data concerning subscriptions. In connection with the Premium Plan, we may process data concerning subscriptions, in particular:
Dog&Care does not directly process payment card numbers, CVV codes, bank account details, or the User's full billing data.
5. Communication and complaint-related data. If you contact us, we may process:
6. Technical and diagnostic data. We may process technical data related to the operation of the application, in particular:
7. Analytics data. If we use analytics tools, we may process data concerning how the application is used, in particular:
The scope of analytics data depends on the application's configuration and the consents required by law or by device settings.
8. Data concerning push notifications. If the User grants system-level consent to push notifications, we may process:
1. Providing the application's features. We process data in order to enable the use of the application's features, including the dog's profile, check-ins, the care calendar, reminders, the Walking Tracker, articles, saved content, and Daily Reports.
Legal basis: Article 6(1)(b) GDPR.
2. Generating reports. We process data in order to generate Daily Reports through the Dog&Care intelligent decision engine, an AI-based system whose output is interpreted and presented to the User as the assistant Assol. For this purpose we may process the dog's profile data, check-ins, symptoms, activities, events, and notes. Daily Reports are informational in nature and do not constitute veterinary advice, a diagnosis, treatment recommendations, or a substitute for consultation with a veterinarian.
Legal basis: Article 6(1)(b) GDPR, if the AI feature is part of the service provided to the User. Additionally, to the extent necessary to ensure the quality, security, and proper functioning of the AI features, the basis may be Article 6(1)(f) GDPR, i.e. the Controller's legitimate interest in maintaining, securing, and improving the application.
3. Servicing the Premium Plan and subscriptions. We process data in order to service the Subscription, synchronize purchase status, grant access to Premium features, and handle subscription entitlements through RevenueCat, the Apple App Store, or the Google Play Store.
Legal basis: Article 6(1)(b) GDPR.
4. Handling payments and settlements. Payments are handled by the Apple App Store or the Google Play Store. Dog&Care does not directly process payment card data or bank account data. However, we may process data concerning subscription status, entitlements, and settlements to the extent necessary to perform the contract.
Legal basis: Article 6(1)(b) GDPR, and with respect to tax, accounting, or legal obligations – Article 6(1)(c) GDPR.
5. Contact, reports, and complaints. We process data in order to handle inquiries, technical reports, complaints, requests for assistance, and other correspondence.
Legal basis: Article 6(1)(b) GDPR – if the contact concerns performance of a contract or a complaint related to the service; Article 6(1)(f) GDPR – the Controller's legitimate interest in conducting correspondence, handling reports, and protecting the Controller's rights.
6. Security and prevention of abuse. We process data in order to ensure the security of the application, detect abuse, handle incidents, monitor errors, keep technical logs, and protect Users' Accounts.
Legal basis: Article 6(1)(f) GDPR – the Controller's legitimate interest in ensuring the security of the application, data, and infrastructure.
7. Error monitoring and diagnostics. We process data in order to detect crashes, analyze errors, improve the application's stability, and ensure its proper operation, including through the use of tools such as Sentry or Firebase Crashlytics, where applied.
Legal basis: Article 6(1)(f) GDPR.
8. Application analytics. We process data in order to analyze how the application is used, measure the effectiveness of its features, improve onboarding, improve the quality of the application's operation, and develop our services.
Legal basis: Article 6(1)(f) GDPR – the Controller's legitimate interest in developing and improving the quality of the application; Article 6(1)(a) GDPR – the User's consent, where required for analytics or for access to information on the User's device under the application's given configuration or applicable law.
9. Push notifications. We process data in order to send notifications concerning the operation of the application, reminders, tasks, check-ins, reports, and technical messages.
Legal basis: Article 6(1)(b) GDPR – if notifications are part of the service used by the User; Article 6(1)(a) GDPR – to the extent that the User's consent is required, in particular system-level consent at the device level.
10. Marketing. If Dog&Care conducts marketing communications, data is processed for this purpose exclusively on the basis of the User's separate consent or another basis permitted by law. Use of the application does not require consent to marketing.
Legal basis: Article 6(1)(a) GDPR or Article 6(1)(f) GDPR, if the applicable law permits the Controller's legitimate interest, taking into account the requirements concerning electronic communications.
11. Establishing, pursuing, or defending claims. We process data in order to establish, pursue, or defend against claims.
Legal basis: Article 6(1)(f) GDPR – the Controller's legitimate interest.
Dog&Care uses external providers only to the extent necessary for the operation of the application, servicing Accounts, login, subscriptions, payments, notifications, analytics, error monitoring, hosting, infrastructure, and AI features.
The recipients of personal data may include, in particular:
The scope of data transferred to providers depends on the application's actual configuration, the features used by the User, and the User's settings.
If an external provider processes personal data on behalf of Dog&Care, such processing takes place on the basis of an appropriate data processing agreement or equivalent data processing terms consistent with the GDPR. Dog&Care does not use private check-in data, content concerning the dog, or content entered in the AI features for behavioral advertising.
1. Apple and Google – login and stores. If the User uses login via Apple or Google, Dog&Care may receive from the relevant provider the data necessary for authentication, in particular the account identifier, e-mail address, and basic profile data, if made available. If the User purchases the Premium Plan, the transaction is handled by the Apple App Store or the Google Play Store in accordance with the rules of the relevant Store.
2. RevenueCat – subscriptions. RevenueCat may process data necessary to service subscriptions, in particular:
RevenueCat is not used by Dog&Care to process the User's full payment card data.
3. LLM provider – AI features. In order for Assol's features to operate, Dog&Care may transfer to the AI technology provider the data necessary to generate a Daily Report, in particular:
The scope of data transferred to the AI provider is limited to the minimum necessary for Assol's features to operate.
4. Firebase Cloud Messaging – push notifications. In order to send push notifications, Dog&Care may transfer the device token and the content or metadata of the notification, e.g. the title, content, date, time, and in-app routing data.
5. Sentry and Firebase Crashlytics – diagnostics and errors. Diagnostic tools may record data related to errors, crashes, and the application's performance, in particular:
The Controller should apply settings limiting the scope of data transmitted to diagnostic tools, in particular filtering or masking fields that may contain personal data or private content.
6. Amplitude – analytics. Amplitude may be used to analyze how the application is used and to develop its features. The following, in particular, may be transferred to Amplitude:
The scope of data transferred to Amplitude is limited to the data needed for analytics on the operation of the application. Dog&Care does not transfer to Amplitude the full content of private check-ins or content entered by the User in the AI features, unless necessary.
As a rule, data processed within the Dog&Care application is stored on servers located within the European Economic Area, to the extent that the providers' technical configuration allows this. Some of Dog&Care's providers may process data outside the European Economic Area, in particular in the United States. This may concern in particular infrastructure providers and providers of login, subscription, AI, analytics, crash reporting, and error monitoring services.
If data is transferred outside the European Economic Area, the Controller applies mechanisms provided for by the GDPR, in particular:
The Controller periodically verifies the status of providers and the transfer mechanisms applied for transfers of data outside the EEA. The User may contact the Controller to obtain additional information about the safeguards applied to data transfers.
We retain personal data for the period necessary to achieve the purposes for which it was collected, and thereafter for the period required or permitted by law. Data related to the Account is retained for as long as the User holds the Account.
After the Account is deleted, data is deleted or anonymized, subject to data that may be retained longer:
We retain subscription data for the duration of the subscription and thereafter for the limitation period for potential claims related to the provision of the service, unless a longer period results from applicable law.
We retain data processed for settlement, tax, or accounting purposes for the period required by applicable law.
We retain data processed on the basis of consent until the consent is withdrawn, unless earlier deletion of the data results from the cessation of the purpose of processing or from applicable law.
We may retain information about consents given for the period needed to demonstrate the Controller's compliance with applicable law.
We retain technical logs and security data for the period necessary to ensure the security of the application, detect abuse, and handle incidents, for no longer than 12 months, unless longer retention is necessary due to an incident, complaint, claim, or legal obligation.
Backup data is retained for a technically justified period resulting from backup and security procedures, after which it is overwritten or deleted in accordance with the adopted retention cycle.
Providing personal data is, as a rule, voluntary.
Providing an e-mail address or using login via Apple or Google is necessary to create an Account and use the full features of the application. Failure to provide the data necessary to create an Account limits the use of the application to Guest Mode, if such a mode is available.
Providing the dog's profile data is voluntary, but may be necessary to use content personalization features, Assol's Daily Reports, the care calendar, reminders, or other features based on the dog's data.
Granting consent to push notifications is voluntary. Lack of consent does not prevent the use of the application, but limits the ability to receive reminders and messages on the device.
Granting access to the camera or photo library is voluntary. Lack of such access prevents adding or changing the dog's profile picture, but does not prevent use of the application's other features.
Giving consent to marketing is voluntary and is not a condition for using the application.
The application may send push notifications concerning the operation of the application, reminders, tasks, check-ins, reports, technical messages, and other application features. Sending push notifications requires the User's system-level consent. The User may enable or disable push notifications at any time in their device's operating system settings. Lack of consent to push notifications does not prevent use of the application, but may limit the ability to use features based on reminders or alerts.
Use of the Dog&Care application does not require consent to direct marketing. Acceptance of the Terms of Service and confirmation of having read the Privacy Policy do not constitute consent to receive marketing information. If Dog&Care conducts marketing communications by electronic means, the User will be able to give a separate, voluntary consent to receive such information.
Marketing consent may cover, in particular, communication via:
The User may withdraw marketing consent at any time. Withdrawal of consent does not affect the lawfulness of actions taken before its withdrawal. Lack of marketing consent, or its withdrawal, does not limit the ability to use the application, the Free Plan, or the Premium Plan.
The application may use device identifiers, session tokens, installation identifiers, user identifiers, and similar technologies in order to ensure the proper operation of the application, maintain sessions, ensure security, remember the User's settings, and support the application's features. Technologies necessary for the operation of the application, ensuring security, authenticating the User, and maintaining sessions may be used without separate consent, if necessary to provide the service. Analytics, marketing, or similar technologies that are not necessary for the operation of the application may require the User's consent, if this results from applicable law or the application's configuration.
The following analytics and diagnostic tools, in particular, may be used within the application:
The User may manage the application's permissions, including access to push notifications, the camera, and the photo library, through their device's operating system settings.
Sentry, Firebase Crashlytics, or other diagnostic tools may record data related to the occurrence of an error, including technical logs, device data, application version, operating system version, and information about the event whose handling resulted in an error.
The Controller implements, or should implement, mechanisms limiting the scope of data recorded by diagnostic tools, in particular filtering and masking fields containing personal data or private content.
The Controller periodically reviews the settings of the analytics and diagnostic tools, in particular the scope of data collected, the retention period, the transfer of data outside the EEA, and the status of providers with respect to the transfer mechanisms applied.
In connection with the processing of personal data, Users have the rights set out in the GDPR, although the scope of and ability to exercise particular rights may depend on the legal basis and purpose of the processing.
The User has:
If data is processed for direct marketing purposes, the User has the right to object to such processing at any time. Once an objection has been raised, the data will no longer be processed for that purpose.
Withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal.
Requests concerning the exercise of rights may be directed to the Controller:
The Controller may ask the User for additional information needed to confirm their identity or clarify the request, if this is necessary to fulfil it. As a rule, we respond to requests without undue delay, no later than within one month of receiving the request. If, due to the complexity of the matter or the number of requests, we need more time, the response deadline may be extended in accordance with the GDPR, of which we will inform the User. As a rule, we do not charge fees for the exercise of rights under the GDPR. A fee may be charged only in the cases provided for by the GDPR, in particular where a request is manifestly unfounded or excessive.
The User has the right to lodge a complaint with the President of the Personal Data Protection Office if they consider that the processing of their personal data infringes the provisions of the GDPR.
The Dog&Care application is intended for adults, or for individuals using it with the consent and under the supervision of a parent or legal guardian. The application is not directed at children as independent users.
If a minor uses the application, they should do so with the consent and under the supervision of a parent or legal guardian. If the Controller obtains credible information that a child's data is being processed without the required consent or another legal basis, it will take appropriate action, including possibly deleting such data or restricting access to the Account.
The User may delete their Account in the application using the "Delete Account" option available in the Profile / Settings section, or another equivalent feature made available in the application. Deleting the Account results in the deletion or anonymization of the User's data from Dog&Care's active systems, subject to data that may be retained longer in accordance with this Privacy Policy or applicable law.
After the Account is deleted, we may continue to store selected data if this is necessary to:
Deletion of the Account in Dog&Care is not equivalent to cancelling the Subscription in the Apple App Store or the Google Play Store. If the User does not want the Subscription to renew, they should cancel it themselves in the settings of the relevant Store.
We approach the protection of personal data with due diligence and systematically develop the technical and organizational solutions we apply.
The security measures we apply include, in particular:
The security measures applied are adapted to the nature, scope, context, and purposes of data processing and to the risks associated with the processing. The Controller carries out, or should carry out, periodic risk assessments related to the processing of personal data in the Dog&Care application, in particular with respect to the operation of the AI features, the transfer of data to external providers, the use of analytics and diagnostic tools, and the security of Users' data.
The application may contain links to external websites, services, or third-party platforms. Use of external websites, services, or platforms is governed by the rules set by their providers, including their terms of service and privacy policies. Dog&Care has no influence on how personal data is processed by third parties if the User uses their services outside the application or independently of the services provided by Dog&Care.
This Privacy Policy applies from the date of its publication in the Dog&Care application, i.e. from [launch date].
Dog&Care may update the Privacy Policy, in particular in the event of:
Users will be informed of material changes to the Privacy Policy in the application or by e-mail sent to the address associated with the Account.
The current version of the Privacy Policy is available in the application in a manner allowing its content to be read.
In matters not regulated by this Privacy Policy, the applicable provisions of law shall apply, in particular the GDPR. This Privacy Policy is informational in nature and serves to fulfil the Controller's information obligations towards Users.
If the User has questions concerning the processing of personal data in the Dog&Care application, they may contact the Controller at: hello@dogcare.app.