Privacy Policy — Daily Paws
1. Data Controller
The controller of personal data processed in connection with the use of the Daily Paws mobile application (hereinafter: the "App") is:
CRE8EVE Sp. z o.o.
Address: Tulipanowa 4, 72-003
Dobra, Poland
KRS (National Court Register): 0000912669 | NIP (Tax
ID): 8513262229 | REGON: 389506637
Contact e-mail:
dailypaws@cre8eve.eu
(hereinafter: the "Controller")
2. Definitions
- App — the Daily Paws mobile application available for iOS and macOS devices (Android version planned).
- User — a natural person using the App.
- Personal data — any information relating to an identified or identifiable natural person, within the meaning of Art. 4(1) of the GDPR.
- GDPR — Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).
- Processing — an operation or set of operations performed on personal data, within the meaning of Art. 4(2) of the GDPR.
- Free Plan — the free subscription plan with basic functionality.
- Premium Plan — the paid subscription plan (€3/month or €30/year) with extended functionality.
3. Scope of data collected
3.1. No user accounts
The App operates entirely locally — it does not require registration, login, or account creation. We do not collect email addresses, passwords, or any authentication data. All data is stored exclusively on the User's device.
3.2. Pet data
| Data | Purpose | Legal basis |
|---|---|---|
| Pet name | Identification within the App | Art. 6(1)(b) GDPR (contract) |
| Species (dog, cat, other) | Feature customisation | Art. 6(1)(b) GDPR (contract) |
| Breed | Ideal weight calculation, recommendations | Art. 6(1)(b) GDPR (contract) |
| Sex | Pet information | Art. 6(1)(b) GDPR (contract) |
| Date of birth | Age calculation | Art. 6(1)(b) GDPR (contract) |
| Microchip number | Pet identification | Art. 6(1)(b) GDPR (contract) |
| Veterinarian address | Vet contact information | Art. 6(1)(b) GDPR (contract) |
| Neutering/spaying status | Health information | Art. 6(1)(b) GDPR (contract) |
3.3. Photos
| Data | Purpose | Legal basis |
|---|---|---|
| Photo path (local) | Timeline display | Art. 6(1)(b) GDPR (contract) |
| Photo description | Gallery organisation | Art. 6(1)(b) GDPR (contract) |
| Date taken | Chronological sorting | Art. 6(1)(b) GDPR (contract) |
| Favourite status | Favourites feature | Art. 6(1)(b) GDPR (contract) |
| Tags (automatic labels) | Photo categorisation | Art. 6(1)(b) GDPR (contract) |
Note on auto-tagging: Automatic photo labelling is performed using Google ML Kit Image Labeling entirely on the User's device. No image data is transmitted to external servers.
3.4. Pet medical data
| Data | Purpose | Legal basis |
|---|---|---|
| Vaccinations (name, date, expiry date, dose) | Vaccination history tracking | Art. 6(1)(b) GDPR (contract) |
| Medications (name, dose, administration schedule) | Medication reminders | Art. 6(1)(b) GDPR (contract) |
| Weight (value, date, unit) | Weight monitoring | Art. 6(1)(b) GDPR (contract) |
Disclaimer: Medical data pertains to animals, not natural persons. The processing of such data under the GDPR relates to it as an element of the service provided to the User.
3.5. Technical data
| Data | Purpose | Legal basis |
|---|---|---|
| App version | GDPR consent audit trail | Art. 6(1)(c) GDPR (legal obligation) |
| Consent timestamps | Consent documentation | Art. 6(1)(c) GDPR (legal obligation) |
4. Purposes of processing and legal bases
The Controller processes personal data for the following purposes:
4.1. Performance of a contract (Art. 6(1)(b) GDPR)
- Provision of App services (timeline, gallery, medical data, reminders)
- Fulfilment of paid subscription plans
4.2. Legal obligation (Art. 6(1)(c) GDPR)
- Maintaining a consent audit trail (timestamp, app version)
- Fulfilment of User rights (Art. 15–22 GDPR)
4.3. Legitimate interest of the Controller (Art. 6(1)(f) GDPR)
- Ensuring the security and stability of the App
- Diagnosing technical issues
5. Data recipients
The App operates on a fully local architecture. The User's personal data is not transmitted to any servers of the Controller. To a limited extent, data may be shared with the following categories of recipients:
| Recipient | Scope of data | Purpose |
|---|---|---|
| Google LLC (ML Kit Image Labeling) | None — processing on device | Automatic photo labelling (AI runs locally, no data is transmitted) |
| Apple Inc. | Transaction data (payments) | In-App Purchase payment processing |
| Google Fonts | Device IP address | Font downloading |
Note on Google ML Kit Image Labeling: Image recognition is performed entirely on the User's device. No image data or analysis results are transmitted to external servers.
Note on payments: The Controller does not have access to the User's payment data (e.g. credit card number). Payments are handled entirely by the Apple App Store.
6. Data transfers outside the European Economic Area (EEA)
In connection with the use of the Google Fonts service, the User's device IP address may be transferred to Google LLC servers in the United States of America for the purpose of downloading fonts.
In the event of a Premium subscription purchase, transaction data is processed by Apple Inc. (USA).
The aforementioned entities ensure an adequate level of data protection based on:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- EU-US Data Privacy Framework (to the extent currently in force)
Note: The App does not use any cloud services to store User data. All pet data, photos, medical data, and settings are stored exclusively on the User's device.
7. Data retention period
| Data category | Retention period |
|---|---|
| Pet data | Until deleted by the User |
| Photos | Until deleted by the User from the App |
| Pet medical data | Until deleted by the User |
| Consent audit trail | 5 years from the date of the last consent change (legal obligation) |
| Technical data | 12 months |
All data is stored exclusively on the User's device. Uninstalling the App permanently deletes all data.
8. User rights
Under the GDPR (Art. 15–22), the User has the following rights:
8.1. Right of access (Art. 15 GDPR)
The User has the right to obtain confirmation as to whether their personal data is being processed, and if so — to access such data and information about the purposes of processing.
8.2. Right to rectification (Art. 16 GDPR)
The User has the right to request the prompt rectification of inaccurate personal data concerning them.
8.3. Right to erasure — "right to be forgotten" (Art. 17 GDPR)
The User has the right to request the erasure of their personal data when:
- the data is no longer necessary for the purposes for which it was collected,
- the User has withdrawn consent and there is no other legal basis for processing,
- the User has objected to processing.
Note: Since the App stores data exclusively on the device, the User can independently delete all data directly in the App or by uninstalling it.
8.4. Right to restriction of processing (Art. 18 GDPR)
The User has the right to request the restriction of data processing in certain cases.
8.5. Right to data portability (Art. 20 GDPR)
The User has the right to receive their data in a structured, commonly used, machine-readable format. The App enables data export in ZIP format (containing JSON and photos).
8.6. Right to object (Art. 21 GDPR)
The User has the right to object at any time to the processing of data based on the Controller's legitimate interest.
8.7. Right to withdraw consent (Art. 7(3) GDPR)
The User has the right to withdraw consent to data processing at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to its withdrawal.
8.8. Right to lodge a complaint with a supervisory authority
The User has the right to lodge a complaint with the President of the Personal Data Protection Office (PUODO):
- Address: ul. Stawki 2, 00-193 Warsaw, Poland
- Website: https://uodo.gov.pl
How to exercise your rights?
To exercise the above rights, the User may:
- Contact the Controller at the e-mail address: dailypaws@cre8eve.eu
- Use the data export/deletion features available in the App
The Controller will process the request without undue delay, no later than within 30 days of receiving the request.
9. Profiling and automated decision-making
The App does not engage in profiling or automated decision-making within the meaning of Art. 22 GDPR.
Note on AI: Automatic photo labelling (Google ML Kit Image Labeling) is used solely for photo categorisation and does not constitute User profiling. The analysis is performed entirely on the device.
10. Age requirement
The App is intended for persons aged 16 years or older (Art. 8 GDPR). Persons under 16 may use the App only with the consent of a parent or legal guardian.
The Controller does not knowingly collect personal data from persons under 16 without the consent of their parent/guardian.
11. Data security
The Controller applies appropriate technical and organisational measures to ensure the security of personal data, including:
11.1. Fully local architecture
- All data is stored exclusively on the User's device (local Hive database).
- The App does not use any cloud services for data storage or synchronisation.
- No user accounts — there is no risk of login credential leakage.
11.2. Encryption
- Data on the device is protected by the operating system's encryption mechanisms (iOS Keychain, macOS Keychain).
11.3. Data minimisation
- The App collects only the data necessary to provide its services.
- Photo analysis (auto-tagging) is performed on the device — data does not leave the device.
11.4. Local notifications
- The App uses exclusively local notifications (reminders for vaccinations, medications, etc.). It does not use external push notification services.
12. Changes to the Privacy Policy
The Controller reserves the right to make changes to this Privacy Policy.
- The User will be informed of material changes via the App (in-app notification) at least 14 days before they take effect.
- Continued use of the App after changes take effect constitutes acceptance of the new Privacy Policy.
- The current version of the Policy is always available in the App settings.
13. Contact
For matters concerning personal data protection, please contact:
- E-mail: dailypaws@cre8eve.eu
- Postal address: CRE8EVE Sp. z o.o., Tulipanowa 4, 72-003 Dobra, Poland
14. Legal bases
This Privacy Policy has been prepared in accordance with:
- Regulation (EU) 2016/679 (GDPR) — General Data Protection Regulation
- Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000, as amended)
- Act of 18 July 2002 on the Provision of Electronic Services (Journal of Laws 2002, No. 144, item 1204, as amended)
- Act of 16 July 2004 — Telecommunications Law (Journal of Laws 2004, No. 171, item 1800, as amended)
Document generated for Daily Paws app v1.1