Last Updated: February 13, 2026
At Purrfect, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the Purrfect mobile application ("App") and related services. By using Purrfect, you agree to the practices described in this policy.
When you create a Purrfect account, we collect:
To provide personalized care recommendations, we collect information about your cat(s), including:
Through your use of the App's health tracking features, we may collect:
If you use our photo scanning, food scanning, or poison scanning features, we process the images you submit. Photos are analyzed for the specific purpose of providing AI-powered insights and are not stored permanently on our servers unless you explicitly save them to your cat's profile.
We collect anonymized usage data to improve the App experience, including:
Your data is primarily used to power core app features:
Our CatIntelligenceHub uses your cat's profile data to deliver personalized AI responses. This includes breed-specific advice, age-appropriate recommendations, and health condition-aware suggestions. The AI system operates in two phases: a zero-cost template engine for common queries (approximately 70% of responses) and an API-powered engine for complex, personalized queries (approximately 30%).
Anonymized usage data helps us:
We may use your email address to send:
Purrfect uses Google Firebase as its primary backend infrastructure. Your data is stored in Firebase Firestore with strict security rules that ensure users can only access their own data. Firebase Authentication manages all credential handling.
We employ a 3-tier encrypted storage architecture to protect your data:
All data transmitted between the App and our servers is encrypted using HTTPS/TLS. Our Android implementation enforces HTTPS-only connections with system Certificate Authorities. API communications to our Cloud Functions are routed through secure server-side proxies to prevent client-side key exposure.
We retain your personal data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are legally required to retain it. Anonymized analytics data may be retained indefinitely as it cannot be linked back to individual users.
Purrfect integrates with the following third-party services, each governed by their own privacy policies:
We use Firebase for authentication, database (Firestore), cloud functions, hosting, and crash reporting (Crashlytics). Data is processed in accordance with Google's Firebase Privacy Policy.
We use Google Analytics for Firebase to collect anonymized usage statistics. This helps us understand how users interact with the App. You can opt out of analytics collection in the App's Settings screen.
For subscription management and in-app purchases, we use RevenueCat. RevenueCat processes transaction data in accordance with their Privacy Policy. We do not store or have access to your payment card details.
AI-powered features use the Google Gemini API via our secure server-side Cloud Functions. See Section 5 for details on how AI processes your data.
When you interact with Whiskers AI or use AI-powered features (health insights, food scanning, photo analysis), relevant context about your cat is sent to the Google Gemini API through our secure server-side Cloud Functions. This context may include your cat's breed, age, weight, health conditions, and the specific question or image you submitted.
Your personal data and cat profile information are not used to train AI models. The Gemini API processes your queries in real-time and does not retain your data for training purposes. Our API usage is governed by Google's Gemini API Terms of Service, which explicitly prohibit using customer data for model improvement without consent.
All user inputs sent to the AI are sanitized through our PromptSanitizer to prevent injection attacks and ensure safe processing. AI responses include disclaimers that they are not a replacement for professional veterinary care.
To improve performance and reduce API calls, AI responses are cached locally on your device using our 4-tier TTL cache system with LRU eviction. Cached data is stored in encrypted Hive storage (Tier 2) and is cleared when you log out or delete your account.
Depending on your jurisdiction, you may have the following rights regarding your personal data:
You can view all data associated with your account within the App. You can also request a complete copy of your data by contacting us at privacy@purrfectapp.pet.
You can delete your account and all associated data from the App's Settings screen. Alternatively, you can request account deletion by emailing privacy@purrfectapp.pet. We will process deletion requests within 30 days.
Purrfect includes a built-in data export feature that allows you to export your cat's health records, care history, and profile data in standard formats. You can access this from the App's Settings screen.
You can update or correct any of your personal information or cat profile data directly within the App at any time.
You can opt out of analytics collection and optional communications through the App's Settings screen. Note that opting out of essential data processing may limit certain App features.
Purrfect is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete that information promptly. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at privacy@purrfectapp.pet.
Purrfect operates globally and your data may be transferred to and processed in countries other than your country of residence. Our Cloud Functions are hosted in the EU (europe-west1 region) to minimize latency and comply with European data protection standards. Regardless of where your data is processed, we apply the same level of protection described in this policy.
For users in the European Economic Area (EEA), we ensure that data transfers are conducted in compliance with the General Data Protection Regulation (GDPR) using appropriate safeguards, including Standard Contractual Clauses where applicable.
For users in other regions, we comply with applicable local data protection laws, including but not limited to the California Consumer Privacy Act (CCPA) for California residents.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
We encourage you to review this Privacy Policy periodically. Your continued use of the App after changes are posted constitutes your acceptance of the revised policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
We aim to respond to all privacy-related inquiries within 5 business days.