Trust before novelty.
You're considering storing your pet's medical records, your family's routines, and your emergency contacts with us. Here is exactly how that data is protected — in plain English first, technical detail second, and honest "in progress" labels where we're not done.
Who can see your pet's data
LiveOnly active members of your household. When you invite a sitter, they get a role that limits what they see. When you remove someone, access ends immediately.
Technical detail→
Every database table is protected by row-level security policies that resolve through active household membership — the same rule the database enforces no matter which app screen, API route, or query is involved. Client-side checks are never the security boundary. Cross-household access attempts return nothing, and membership roles (owner, admin, member, caregiver, sitter, viewer) are checked server-side on privileged actions.
Last verified: July 17, 2026
Share links
LiveCare cards and emergency summaries are shared through links that expire on a schedule you pick, show a view count, and can be revoked with one tap.
Technical detail→
Tokens are 48-character random hex values generated by the database. Public share pages resolve tokens through a single server-side function that checks revocation and expiry before returning a purpose-built payload — there is no anonymous read path to the underlying tables. Care cards are snapshots: sharing one never exposes your live account.
Last verified: July 17, 2026
PetPal AI boundaries
LiveThe AI answers only from your pet's records, tells you which records it used, admits when it doesn't know, and never diagnoses. If you describe an emergency, it tells you to contact a vet first.
Technical detail→
Context for every AI request is assembled server-side from queries scoped to one pet in the caller's household — the model never receives another household's data. System instructions forbid invented records, diagnoses, and dosage advice, and require explicit uncertainty when the records don't contain the answer. Conversations are stored in your account and count toward plan limits. Document extraction is stored as an unreviewed draft until you approve it, and original files are never modified.
Last verified: July 17, 2026
Encryption & infrastructure
LiveYour data is encrypted in transit and at rest, on infrastructure used by thousands of production applications.
Technical detail→
PetPal runs on Supabase (Postgres, US-East) and Vercel. All traffic uses TLS (HTTPS). Data at rest is encrypted by the underlying cloud storage layer. Documents live in a private storage bucket accessed through short-lived signed URLs; pet portrait photos are the only publicly-addressable media. Secrets (AI keys, billing keys) exist only in server-side configuration — never in the browser.
Last verified: July 17, 2026
Your data is portable
In progressExport everything as structured JSON from Settings, anytime. Ask us to delete your account and we'll honor it.
Technical detail→
The export includes pets, records, vaccinations, medications and dose history, routines, appointments, expenses, care cards, and household metadata. Deletion is currently a support-handled request honored within 30 days; self-serve deletion is in progress (labeled honestly in Settings, not hidden).
Last verified: July 17, 2026
What PetPal is not
LivePetPal is not a veterinary provider, does not diagnose, and never replaces emergency care. It is also not HIPAA-regulated software, and we don't claim certifications we don't hold.
Technical detail→
We avoid vague security language ("military-grade", "bank-level") on principle. Claims on this page describe implemented behavior; where something is in progress — self-serve deletion, per-user access logs surfaced in the UI, independent security review — we say so. Sensitive record contents are never placed in analytics events.
Last verified: July 17, 2026
Questions or a security concern? info@techrunnersva.com — security reports get priority handling.