Lost Paws
FeaturesHow it worksPrivacyFAQGet the app

Privacy Policy

Last updated: May 2026

Policy version 1.4 (shown at sign-up)

1. Who we are

Lost Paws("we", "us") operates the Lost Paws mobile app and website to help neighbours reunite lost pets with their families. We are the data controller for personal data described in this policy.

Contact: privacy@lostpaws.pet
Address: United Kingdom — full postal address available on request via privacy@lostpaws.pet

We have not appointed a separate Data Protection Officer; privacy requests can be sent to the email above.

2. Who this applies to

This policy applies to users of the Lost Paws app and visitors to our marketing website. The app is not directed at children under 13 (or the minimum age required in your country). We do not knowingly collect personal data from children. If you believe a child has provided data, contact us and we will delete it.

3. What we collect

  • Account data: email address and password (stored only by our auth provider; we never see your plain-text password), optional Sign in with Apple (Apple may provide your email or a private relay address), and an optional profile icon (bundled breed illustration id — not a photo you upload).
  • Listing data: pet details you publish (name, type, breed, colour, description, last seen text, optional map coordinates, photos).
  • Reply contact (lost listings): email and/or phone so finders can reach you. Access is logged server-side for abuse prevention (who requested contact, which listing, when — not shown to other users).
  • Community sightings (lost listings only): optional, unverified tips from signed-in users — map pin, area text, time, optional note and photo (EXIF removed on upload). Sightings are not confirmed; similar-looking pets and other factors mean reports may be wrong. Reporter contact is optional and only shared with the listing owner if the reporter opts in. Owners see a private trail with full pins; other users see only a count and approximate latest area (~110 m). When a sighting is submitted, we send a push notification to the listing owner only (if they have a device push token). Sightings are hidden when a listing is found or reunited.
  • Listing view statistics: one unique view per listing per viewer (account id when signed in, or a device-stored anonymous id when not). Owners see only an aggregate count.
  • Notification preferences (optional): alert radius, on/off flag, push token, and while alerts are on your last foreground location for matching (cleared when alerts are off or after about 14 days without an update).
  • Approximate location (optional): coarse location or a map pin you place — for feeds, maps, and distances only; no background tracking.
  • Consent records: policy version and timestamps for privacy acceptance and optional marketing.
  • Local device storage: preferences (e.g. search radius) and an anonymous viewer id for view counting when not signed in.
  • Advertising:on Home, Explore, and My requests we may show Google AdMob banners. Google may use device identifiers to deliver and measure ads. In the UK/EU we use Google's User Messaging Platform (UMP) before personalized ads; you can change choices in-app or in device settings. On iOS we may ask for App Tracking Transparency permission when personalized ads are used. Ads are hidden on report, contact, and listing-detail screens.

We do not ask for your legal name on your profile. We minimise data to what the service needs.

4. Public vs private

Public: listings in feeds/maps, listing photos in our image bucket, rounded map coordinates (~110 m), and aggregate view counts.

Shared on request: lost-listing reply email/phone to signed-inusers via our app (rate-limited; not on map cards). Not returned when status is not "lost". Sighting reporter contact is shared only with the listing owner when the reporter opts in (rate-limited, audited).

Private: your account email, push tokens, marketing choices, individual view rows, and contact-access logs (used for security only).

Row-level security limits API access but does not make published listings secret — assume public content may be copied by others.

5. Lawful bases (GDPR)

  • Contract: accounts, listings, maps/feeds, and delivering reply contact you chose to publish for lost pets.
  • Legitimate interests: security, fraud/abuse prevention (including contact-request rate limits and view rate limits), operating the platform, proportionate view statistics for listing owners, and enabling unverified community sighting tips on lost listings (with the limitations described above).
  • Consent: optional marketing email, push alerts, and (where required) personalized advertising via Google UMP / device settings.

Publishing a lost listing with reply contact is voluntary; you agree that contact may be disclosed as described when the listing is lost.

6. Automated decisions

We do not make decisions based solely on automated processing that produce legal or similarly significant effects about you. View counts and nearby alerts use simple rules (not profiling for credit or employment).

7. Your rights

  • Access / portability: Profile → Your data → Export my data (JSON).
  • Erasure: Profile → Delete my account or email us.
  • Rectification: edit listings in-app or contact us.
  • Restrict / object: contact us where GDPR applies.
  • Withdraw consent: marketing toggle in Profile → Privacy & legal; push alerts off in app/device settings; ad choices via Google UMP / iOS/Android settings.
  • Complaints: contact us first. UK users may complain to the Information Commissioner's Office (ICO). EU users may contact their local supervisory authority.

8. Security & retention

HTTPS, OS secure storage for sessions where supported, path-scoped storage uploads, EXIF stripping on photos, database RLS, and rate limits on sensitive actions. No method is 100% secure.

We keep data while your account exists and as required by law. Account deletion cascades configured records (listings, views linked to you, consent log, profile). Contact-access logs are deleted with your account. Anonymous device viewer ids remain until you clear app data.

We cannot delete copies others made outside our systems (screenshots, forwarded messages).

9. Processors & international transfers

We use subprocessors including Supabase (database, auth, storage), Resend (transactional auth emails such as sign-up verification and password reset), Expo (push infrastructure when enabled), and Google AdMob (ads). They may process data in the UK, EEA, US, or other regions per their terms. Where required, we rely on appropriate safeguards (such as UK International Data Transfer Agreements or EU Standard Contractual Clauses offered by providers). We do not sell your personal data.

10. Website cookies

Our marketing site is mostly static and does not use non-essential analytics or advertising cookies. If we add analytics later, we will update this policy and, where required, ask for consent before loading those tools.

11. Changes

We may update this policy. Material changes are reflected in a new policy version; the app may ask you to accept the updated policy before continuing. The version shown at sign-up is 1.4.

12. Contact

Privacy questions or data subject requests: privacy@lostpaws.pet

View Terms of Service