Privacy Policy

Policy Version: 2.0 | Last updated: 23 May 2026 | Effective date: 23 May 2026

🆕 Notice for Existing Users. This is Version 2.0 of our Privacy Policy and is a material update from Version 1.0 (dated 19 April 2026), reflecting the new features released with the PocketPaw v2.0 app (PawMunity, PawPRO / PawRadar 2.0, Walk / Hike GPS, PawTime, PawMail, Growth Marks, Referrals, multi-platform sync to Android and Web). If you registered before 23 May 2026 and only consented to Version 1.0, you must accept this Version 2.0 in the app before you can continue using the v2.0 features. New users joining on or after 23 May 2026 consent to Version 2.0 directly during sign-up. You may always view both versions in Settings → Legal → Privacy Policy → Version history.

This Global Privacy Policy ("Policy") describes how NextPath Solutions Limited ("PocketPaw", "we", "us", or "our"), a company incorporated in Hong Kong, collects, uses, stores, shares, and protects personal information in connection with your use of the PocketPaw services on iOS, Android, and the web at pocketpawapp.com (collectively, the "Services").

Please read this Policy carefully. By continuing to use the Services on or after the Effective Date above, or by accepting Version 2.0 in the app, you acknowledge that you have read and understood this Policy. If you do not agree, please stop using the Services and you may delete your account.

Data Controller & Contact
Information We Collect
How We Use Your Information
Legal Basis for Processing (GDPR / UK GDPR)
Sharing of Information
International Data Transfers
Data Retention
Data Security
Your Privacy Rights (by Jurisdiction)
Children's Privacy
Location Data (Including Background Walk/Hike Tracking)
Device Permissions
Push Notifications
Cookies & Tracking Technologies
Data Breach Notification
Subscription Data & Multi-Platform Identity
Business Account Data (PawPRO / PawPRO+)
AI Assistants, Voice Assistants & App Intents
Deep Links & Universal Links
Changes to This Policy (Including Re-Consent for Material Updates)
Contact Us

1. Data Controller & Contact

The data controller responsible for your personal data is:

Company: NextPath Solutions Limited
Address: Unit B, 12/F, Hang Seng Causeway Bay Building, 28 Yee Wo Street, Causeway Bay, Hong Kong
Privacy Contact / Data Protection Officer: privacy@nextpath.hk
UK Information Commissioner's Office (ICO): registration filed / in progress for the UK market (v3 phase).
Singapore Data Protection Officer (DPO): privacy@nextpath.hk (per Singapore PDPA s.11(3); applies upon v3 launch in Singapore).

For users in Hong Kong, Canada (current v2.0 markets), and other jurisdictions where we may operate in future (New Zealand, Australia, Singapore, Malaysia, the United Kingdom, the United States, Japan, Taiwan), NextPath Solutions Limited acts as data controller (or equivalent role under local law). We have not appointed an EU Article 27 Representative as we have deferred direct EU market entry; we remain reachable at the address above and via privacy@nextpath.hk.

2. Information We Collect

2.1 Information You Provide Directly

Account information. Your email address and password (stored as an encrypted hash via Firebase Authentication), and — for sign-in via Google or Apple — the verified identifier returned by those providers. Account type (Dog Owner / NGO / Business / Service Provider), preferred language, and region.
Dog profile (PawFile). Your dog's name, breed (one of 40 canonical breeds or a free-text "Other"), date of birth, weight, gender, neutered status, biography, profile photo, PawRadar status ring (Green = friendly / Yellow = training, do not disturb / Red = not friendly / unset), and saved adoptable dogs.
User-generated content. Photos, posts, comments, reactions (❤️ "support" / ❓ "reservation"), event listings, RSVPs, messages, PawMail items, PawTime activity submissions, Dog Park reviews, business reviews, and product reviews you share via PawBark, PawMunity (Forum + Events), PawHeart (Adopt / Rehome / Lost), Growth Marks, and other surfaces.
Support communications. Any information you provide when contacting our support team.
Reports. Information you submit when reporting other users, posts, comments, events, products, businesses, dog parks, map pins, or PawTime cards.
PawHub data.
Microchip number (chip no.), weight entries (kg/lb display preference, stored metric), daily water intake (mL/oz/cup display preference, stored metric).
Vaccination and health records: vaccination names, dates administered, booster dates, reminder settings.
Documents: file names, dates, remarks for uploaded documents (vaccination cards, vet receipts). File contents are stored in encrypted form but are not read or processed by AI — only metadata is shared with the AI assistant.
Growth Marks (formerly Time Capsule): photos you upload every 180 days as part of your dog's visual timeline.
Important Dates: birthdays, vaccination dates, reminder timings, notification states.
PawPicks data. Product submissions (name, brand, category, images, region, structured nutrition: protein/fat/fibre/moisture/calories/main ingredients/life stage/grain-free), product reviews (star + sub-ratings, review text, your dog's breed and age at time of review), product usage data via the "+" button, "Disagree Information" / "Duplicated" flags.
PawAdvisor data. AI conversation history; disclaimer acknowledgement records (timestamp, language, platform); and, for the periodic PawAdvisor Insight, the summary outputs we surface to you.
PawMunity data.
Forum posts and comments (optional title ≤120 chars, body ≤4,000 chars, up to 3 images @ 10 MB each), region / breed-board scope, reactions, full-text search tokens automatically derived from your post text to enable search across the forum.
Event listings: title, description, cover image (optional), start/end time, breed / size scope, capacity, location text, optional venue latitude/longitude (visible only to organiser + confirmed RSVP attendees), event type (group / one-on-one), gender preference (one-on-one only).
RSVP records (joined / interested) and recurring-series memberships.
Daily / weekly usage quota records (per-day forum quota, per-ISO-week event quota).
Forum moderator role assignments (two-tier: region-wide and breed-board specific).
Forum leaderboard aggregates (e.g., most-walked dog, most-friends, most-active breed board) — derived from anonymised platform metrics and your dog's PawFile, recomputed weekly/monthly.
Walk / Hike GPS data (Exercise feature). When you actively start a Walk or Hike session, we record: GPS polyline of the route (compressed via Ramer–Douglas–Peucker encoding — not raw per-second coordinates), start and end times, total distance and duration, a reverse-geocoded location name, a server-rendered static map thumbnail, and a calculated estimate of dog calories burned. See Section 11 for full disclosure on background processing.
PawTime + Companion Time data. Activity card identifiers you interact with, your "+" tap records that create CompanionSession entries (timestamp, duration, mental/physical/both classification, difficulty level), and your activity-time aggregates (today / week / month minutes, mental·physical split, max difficulty).
PawMail data (new in v2.0). Paw-print / treat / heart "mail" sends and receives between PawMates (sender uid, recipient uid, timestamp, item type), and your opt-in/opt-out preference (allowPawMail).
Dog Park community data. Reviews and sub-ratings you contribute for community dog parks; your favourite parks (shown on your PawFile); visit records (atomic 24-hour deduplication) used to compute hourly-traffic charts.
Referral data. Your referral code, codes you have redeemed, and the resulting bonus PawVIP time entitlement.
Bookmarked businesses & announcement opt-out records (when you bookmark a PawPRO/PRO+ merchant and / or opt out of their announcements).
Business / Service Provider account data — see Section 17.

2.2 Information Collected Automatically

Device information. Device type, model, operating system version (iOS, Android), and an anonymous device identifier (IDFV on iOS; an equivalent installation ID on Android). We do not collect the IDFA (iOS advertising identifier) or Android advertising ID.
Location data.
Foreground proximity location (GeoHash precision-5, approximately 2 km radius) for PawRadar, PawMate, and Dog Park / business proximity queries.
Background location during active Walk / Hike sessions only — see Section 11 for full disclosure.
City-level location (reverse geocoded once) when you opt in to publishing your PawFile to pocketpawapp.com.
Region and country code stamped on every doc you create (we store both region and countryCode to support future sub-national personalisation, e.g. Quebec).
Usage data. Features used, screens visited, actions taken (swipes, RSVPs, tab views, forum search queries, leaderboard views), and session duration.
Crash reports and diagnostic logs. via Firebase Crashlytics (iOS) and equivalent on Android.
Push notification tokens. Firebase Cloud Messaging (FCM) device tokens used to deliver notifications.
Network data. IP address and network type, retained in standard server logs for security and abuse-prevention.
Subscription state. When you purchase PawVIP / PawPRO / PawPRO+, we record the subscription source ("apple", "google", "stripe", or "manual"), original transaction identifier, current expiry, and any referral bonus extension. Apple sends server-to-server lifecycle notifications (App Store Server Notifications V2) directly to our backend so renewals and cancellations stay in sync even when the app is closed; Google Play Billing and Stripe will operate analogously when launched on Android and Web.

2.3 Information from Third Parties

Firebase / Google LLC. We use Firebase for authentication, Firestore database, cloud storage, cloud functions, Cloud Scheduler, Firebase Cloud Messaging, and Firebase Analytics. Google processes data on our behalf as a data processor under our data processing agreement.
Google Vertex AI (Gemini 2.5 Flash). PawAdvisor uses Gemini for both interactive chat and the periodic PawAdvisor Insight. Google processes data as a data processor under our agreement and does not use it to train AI models. Data may be processed on servers located outside your country of residence, including in the United States.
MapBox, Inc. PawRadar 2.0 uses MapBox for map tiles, geocoding (business addresses, Lost-report location pinning, dog park / venue search), location pickers, and static map thumbnail generation for Walk / Hike records. MapBox acts as an independent service provider for map rendering; we share only what is necessary to fulfil the request (no account, dog, or health data).
Apple Inc. App Store distribution, in-app subscription processing (StoreKit 2), App Store Server Notifications V2, push notifications (APNs), Sign in with Apple, Apple Maps (legacy fallback), Siri / Spotlight / Shortcuts / Apple Watch / Apple Intelligence integration via App Intents (see Section 18).
Google Play & Google Sign-In (Android, future). When the Android app launches in v3, Google Play Billing processes in-app subscriptions and Google Sign-In handles authentication; same data-processor relationship as Firebase.
Stripe, Inc. (Web, future). When the web business backend launches in v3, Stripe processes subscriptions and merchant payments; Stripe is bound by its own terms and data-processing standards.

2.4 Information We Do Not Collect

Payment card details (handled entirely by Apple StoreKit 2, and, in future, Google Play Billing or Stripe).
Biometric data (fingerprint, face recognition).
Continuous background location when no Walk / Hike session is active.
Sensitive personal data relating to your or your dog's serious medical conditions (beyond optional PawFile fields you choose to complete), religion, political views, racial origin, sexual orientation, or trade union membership.
IDFA, Android Advertising ID, or any cross-app advertising identifiers.

3. How We Use Your Information

We use the information we collect to:

Register and manage your account and PawFile across iOS, Android, and Web.
Operate core features: PawRadar / PawRadar 2.0 multi-layer map (dogs / businesses / dog parks / transport routes / lost reports / pet-friendly venues), PawMate, PawMatch, PawBark, PawHeart (Adopt / Rehome / Lost), PawHub (health, exercise, growth marks, dates, MyPicks), PawPicks, PawAdvisor (chat + insight), PawMunity (Forum + Events + reactions + search + leaderboards), PawTime, Walk / Hike, PawMail, Referrals, and Dog Park community.
Synchronise your data, subscriptions, and entitlements across iOS, Android, and Web using Firebase as the single source of truth, so that your account state is consistent regardless of which device you use.
Deliver push notifications (PawMate requests, PawBark messages, PawMunity event reminders, PawTime exercise-drop reminders, dog birthday reminders, vaccination boosters, business announcements you have subscribed to via Bookmark, and subscription / referral updates).
Process and manage PawVIP consumer subscriptions and (Phase 2) PawPRO / PawPRO+ business subscriptions via Apple StoreKit 2, and — in future v3 — Google Play Billing (Android) and Stripe (Web). See Section 16 for multi-platform identity and entitlement.
Detect, investigate, and prevent fraud, abuse, and violations of our Terms and Community Guidelines (including community-driven auto-takedown when a post, event, product, business, dog park, or PawTime card receives three or more reports; and the two-tier forum moderation by region moderators and breed-board moderators).
Compute and surface aggregate insights: dog-calorie estimates from Walk / Hike sessions; walk-time / play-time aggregates on PawHub Exercise; dog park hourly-traffic charts; PawMunity leaderboards (most-walked / most-friends / most-active breed board).
Power the PawAdvisor chat and the PawAdvisor Insight periodic summary by injecting your dog's PawFile and PawHub data into prompts to Google Vertex AI; see Section 18 for the data sent.
Geocode business addresses and Lost report locations via MapBox.
Provide aggregated, anonymised analytics to merchants for their own businesses only — merchants never see individual user identity, even where they are veterinarians (see Section 17).
Operate the Referral programme: when a user you referred becomes your PawMate, both accounts receive bonus PawVIP time.
Respond to support requests and resolve disputes.
Analyse usage patterns to improve features and user experience (using anonymised and aggregated data where possible).
Comply with applicable legal obligations, law enforcement requests, and child-safety reporting duties.

We do NOT use your information to:

Sell your personal data to any third party. We do not sell, rent, lease, or trade your personal data — including your dog's data, location data, PawHub health data, PawPicks usage data, or Walk / Hike routes — for any third party's marketing, advertising, or commercial purposes.
Share dog-health data with veterinarians or vet-affiliated businesses for marketing purposes. Even where vets operate as PawPRO / PawPRO+ merchants, they receive only aggregated, anonymised analytics — never individual user identity or PawHub health data.
Display targeted or behavioural advertising in v2.0. (Advertising is not part of the v2.0 product; if and when we introduce in-app advertising or merchant commissions in a future major release, we will update this Policy and seek your re-consent as required.)
Make automated decisions that produce legal or similarly significant effects without human review.

For users in the European Economic Area, United Kingdom, and elsewhere where GDPR-equivalent law applies, we process your personal data under the following legal bases:

Contract performance (Art. 6(1)(b)): account management, PawMate matching, PawBark, PawMunity participation, Walk / Hike recording, subscription management, business profile operation.
Legitimate interests (Art. 6(1)(f)): analytics and service improvement, fraud prevention, security, crash reporting, anti-spam push-frequency caps, community moderation (two-tier), forum leaderboard computation, dog park hourly traffic, aggregated merchant analytics — where these interests are not overridden by your rights and freedoms.
Consent (Art. 6(1)(a)): location data (including Walk / Hike background location), push notifications, public PawFile display, PawAdvisor AI processing of your dog data, business announcement opt-in via bookmark, and acceptance of material policy updates (including this Version 2.0).
Legal obligation (Art. 6(1)(c)): retention, law enforcement requests, child-safety reporting, tax / accounting record requirements.

Other PocketPaw users may view your PawFile as part of normal use (PawRadar, PawMate, PawMatch, PawMunity event attendee lists, PawTime CompanionSession reviews, business review attribution). You can hide individual fields (sex, birth date, neutered status) via the per-field public/private toggles on your PawFile.

5.2 Public PawFile Display on pocketpawapp.com

Entirely opt-in via the "Share to PocketPawApp.com" toggle in Settings. When enabled, we display your dog's name, breed, bio, profile photo, age (if public), gender + neutered status (if public), and city name only (reverse-geocoded once at the time you enable the toggle). Owner name, email, exact GPS coordinates, and health data are never displayed publicly.

5.3 PawPicks Community Database (Website)

PawPicks product listings, ratings, and reviews are publicly displayed on pocketpawapp.com (currently read-only). Reviewers are identified only by their dog's breed and age — your name, email, and personal information are never displayed on product listings.

5.4 PawHeart Content (Website + App)

PawHeart Adopt, Rehome, and approved Lost posts are publicly visible on pocketpawapp.com and as map pins on PawRadar. Rehome posting in v2.0 is restricted to PawVIP subscribers (anti-spam measure); Want-to-Adopt text posts remain open to all users.

5.5 PawMunity Forum and Event Content

Forum posts, comments, reactions, search tokens, leaderboard rankings, and event listings are visible to other users within the same region (HK / CA in v2.0; expanding to v3 regions later). Your dog's PawFile snapshot (name, breed, photo) is attached to your posts and events to identify you to the community. Event venue coordinates, where provided, are visible only to the event organiser and confirmed RSVP'd attendees. Forum moderators (two-tier: region moderators + breed-board moderators) — elected annually via PocketPaw's official Instagram poll and assigned by PocketPaw admin — can see all posts in their assigned scope including taken-down content.

5.6 Business Profile Data (PawPRO / PawPRO+ Merchants)

If you operate a Business / Service Provider account, your business profile (name, type, address, opening hours, photos, description, menu, reviews) is publicly visible on the PawRadar map and within the app. This is the core purpose of a business listing. See Section 17 for the privacy boundary between your business and the dog-owner users who interact with it.

5.7 Service Providers (Data Processors)

Google LLC (Firebase) — cloud infrastructure, database, storage, analytics, crash reporting, cloud functions, Cloud Scheduler, Cloud Messaging.
Google LLC (Vertex AI / Gemini) — AI processing for PawAdvisor chat and Insight. Data processor; does not train on your data.
MapBox, Inc. — map tiles, geocoding, location pickers, static thumbnails for Walk / Hike. Receives only what is necessary to fulfil the request.
Apple Inc. — App Store, StoreKit 2, App Store Server Notifications V2, APNs, Sign in with Apple, Apple Maps (legacy), App Intents framework for Siri / Spotlight / Apple Watch / Apple Intelligence (see Section 18).
Google Play & Google Sign-In (Android, future v3).
Stripe, Inc. (Web, future v3).

5.8 Legal Requirements

We may disclose your information where required by law, court order, or governmental or regulatory authority, including: - Lawful requests by public authorities in our operating jurisdictions (HK + CA in v2.0; expanding in v3). - Reports of child sexual abuse material (CSAM), escalated to relevant child-safety hotlines (e.g., NCMEC in the United States) and law enforcement. - Reports of animal cruelty, where local law obliges or permits disclosure.

5.9 Business Transfers

In the event of a merger, acquisition, reorganisation, or sale of all or substantially all of our assets, your personal data may be transferred to the acquiring or surviving entity. We will notify you and the acquiring entity will be required to maintain equivalent privacy protections.

5.10 No Sale of Data

We do not sell, rent, lease, or trade your personal data to any third party for marketing or commercial purposes. This statement serves as our "Do Not Sell or Share My Personal Information" notice for the purposes of CCPA / CPRA.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside your country of residence, including the United States (Google Firebase, Google Vertex AI, MapBox, and — in v3 — Stripe infrastructure), Hong Kong (NextPath and the asia-east2 Cloud Functions region), and other countries where Google, Apple, or MapBox operate infrastructure.

For transfers from the EEA / UK / Quebec / other restricted jurisdictions, we rely on: - EU Standard Contractual Clauses (SCCs) approved by the European Commission; - UK International Data Transfer Agreements (IDTAs) or the UK Addendum to the EU SCCs; - Quebec Law 25 privacy-impact assessments for transfers outside Quebec (completed for current v2.0 data flows); - APPI cross-border transfer notices (Art. 28) — applicable upon v3 launch in Japan; - Singapore PDPA Transfer Limitation Obligation safeguards — applicable upon v3 launch; - Adequacy decisions where applicable.

Copies of these transfer mechanisms are available on request at privacy@nextpath.hk.

PawAdvisor AI Data: When you use PawAdvisor (chat or Insight), your dog's data is transmitted to Google's Vertex AI service for processing on globally distributed servers. Our Cloud Functions are deployed in asia-east2 (Hong Kong) but the Vertex AI model endpoint operates globally. By using PawAdvisor, you acknowledge this cross-border transfer as described in the PawAdvisor in-app disclaimer.

7. Data Retention

Account and profile data: retained for account duration; deleted or anonymised within 30 days of account deletion request.
PawBark messages: account duration; deleted within 30 days of account deletion.
PawHeart posts: account duration; deleted within 30 days of account deletion.
Crash and technical logs: up to 90 days.
Analytics data: anonymised / aggregated form, up to 14 months.
Support correspondence: up to 3 years.
Consent records (including your acceptance of this Version 2.0 and prior Version 1.0): account duration + 3 years, for legal compliance and dispute resolution.
PawHub data (health, documents, vaccinations, weight, water intake, Growth Marks photos, Dates): account duration; deleted within 30 days of account deletion.
PawPicks product submissions: retained indefinitely as part of PocketPaw's community database. Reviews anonymised within 30 days of account deletion.
PawAdvisor chat history: deleted within 30 days of account deletion.
PawAdvisor disclaimer acknowledgement logs: account duration + 3 years.
PawMunity posts / comments / events / reactions / search tokens: account duration; anonymised or deleted within 30 days of account deletion, except where retained for moderation or legal hold. Public posts with community responses may be retained in anonymised form for archival continuity.
PawMunity leaderboard aggregates: retained for the current and previous period (weekly / monthly).
Walk / Hike records (GPS polyline, distance, calorie estimate, thumbnail): account duration; deleted within 30 days of account deletion. You may delete individual records anytime.
PawTime CompanionSession entries: account duration; deleted within 30 days of account deletion. PawTime card definitions persist (community-shared).
PawMail sends/receives: 90 days.
Dog Park visit records and hourly-traffic aggregates: rolling 30 days raw + anonymised aggregates indefinitely.
Referral records: retained for account duration plus 3 years for anti-fraud audit.
Business Profile data (PawPRO / PawPRO+): retained for the duration of the business account; deleted within 30 days of account closure, subject to tax / accounting retention obligations (typically 7 years in Hong Kong and Canada).
Subscription source / transaction records: retained for the duration of the active subscription plus 7 years for tax and audit purposes.
Legal holds: longer retention where required.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data:

HTTPS / TLS for all client-server communication on iOS, Android, and Web.
Firebase Security Rules restricting Firestore read / write access to authenticated users; append-only safety on all v2 collections so no v1 data is silently modified.
Server-side enforcement of:
PawAdvisor PawVIP gating (re-checked in askPawAdvisor Cloud Function).
Business announcement rate limits (2/month PawPRO, 4/month PawPRO+).
Community-driven auto-takedown at ≥3 reports.
Two-tier forum moderation scopes.
Subscription entitlement resolution via server-side resolver computing effective access from per-source records (apple / google / stripe / manual / referral) — see Section 16.
App Store Server Notifications V2 webhook verifying signed JWS from Apple's root CAs before updating any subscription state.
Firebase Authentication with hashed password storage (and OAuth via Google / Apple).
Firebase App Check enabled in production to deter automated abuse.
Least-privilege access controls within our team.
Regular security reviews of our cloud infrastructure configuration.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.

9. Your Privacy Rights (by Jurisdiction)

9.1 Universal Rights

Regardless of your location: - Access — request a copy of your data. - Correction — update inaccurate data via in-app settings or by contacting us. - Deletion — delete your account anytime via Settings → Delete Account, or privacy@nextpath.hk. - Data Portability — request your data in JSON or CSV (subject line "Data Portability Request"). We respond within 30 days (or the local mandate). - Withdraw Consent — withdraw location, notifications, public PawFile, PawAdvisor, business-announcement, App Intent integration, or material-policy-update consent at any time via device Settings or the relevant in-app toggle, without affecting the lawfulness of prior processing.

9.2 Hong Kong — PDPO (Cap. 486)

Right to a Data Access Request (DAR) and Data Correction Request (DCR). We respond within 40 days (PDPO requirement). A reasonable DAR fee may apply.

9.3 Canada — PIPEDA & Quebec Law 25

Access, correction, withdrawal of consent (for non-essential processing), de-indexation of online information (Quebec residents), explanation of automated decisions (Quebec residents where applicable). Complaints: OPC (priv.gc.ca) or CAI (Quebec). Quebec transfers outside the province are subject to a privacy impact assessment (completed for v2.0 data flows).

Object, restrict, lodge a complaint with your national DPA (edpb.europa.eu). EU is not an active market for v2.0; if you nonetheless use PocketPaw from within the EEA, these rights remain available.

Equivalent rights. Complaints: ICO (ico.org.uk). PocketPaw registration with the ICO is filed / in progress for the upcoming v3 UK launch.

9.6 United States — CCPA / CPRA & State Privacy Laws (v3)

For California residents under CCPA / CPRA: right to know, delete, correct, opt out of sale/share (we do not sell or share), limit sensitive personal information use, non-discrimination. Email privacy@nextpath.hk with subject "California Privacy Rights Request." We honour equivalent rights for residents of other US states with comprehensive privacy legislation (VCDPA, CPA, CTDPA, UCPA, TDPSA, and others as enacted). COPPA applies to children under 13 (see Section 10).

9.7 Japan — APPI (v3)

Disclosure, correction, addition, deletion, cessation of use, cessation of third-party provision. Cross-border transfer notice per Art. 28.

9.8 Taiwan — PDPA (v3)

Review, copy, supplement, correct, cease collection / processing, request deletion.

9.9 Singapore — PDPA 2012 (v3)

Access, correction, withdraw consent. Complaints: PDPC (pdpc.gov.sg). DPO: privacy@nextpath.hk.

9.10 Malaysia — PDPA 2010 (v3)

Access, correction, withdraw consent. Complaints: JPDP (pdp.gov.my).

9.11 Australia — Privacy Act 1988 (APPs) (v3)

Access, correction, opt-out of direct marketing (we do not engage in direct marketing). Complaints: OAIC (oaic.gov.au).

9.12 New Zealand — Privacy Act 2020 (v3)

Access, correction. Complaints: Office of the Privacy Commissioner (privacy.org.nz).

9.13 How to Exercise Your Rights

Contact privacy@nextpath.hk. We respond within 30 days (or the local mandate). We may need to verify your identity first.

10. Children's Privacy

PocketPaw is not directed at children under 13. We do not knowingly collect data from children under 13. If we discover inadvertent collection we will delete it and, where required (e.g., COPPA in the US), notify the appropriate authority.

For users 13–17, parental or guardian consent is required.

Where local law sets a higher minimum (16 in certain EU member states; 14 in Quebec; 14 in Singapore for sensitive processing; 14 in Hong Kong for sensitive processing), we apply the higher threshold. A neutral age gate operates at registration and at first launch of social features (PawMate / PawBark / PawMunity).

11. Location Data (Including Background Walk/Hike Tracking)

Location data is collected only when you grant location permission. PocketPaw uses location in three distinct modes — please read this section carefully because mode 11.2 (background location during active Walk / Hike sessions) is significant.

11.1 Foreground Proximity Location (PawRadar, PawMate, Dog Parks, businesses)

When: Only while the app is open and in the foreground.
Precision: GeoHash precision-5 (~2 km) for proximity queries. Precise GPS coordinates are not stored on our servers; we store only the bucketed GeoHash key.
Throttling: Manual refresh (30 s cooldown); foreground auto-refresh every 5 min only if you have moved more than 200 metres.
Visibility: Your approximate location is visible to other PocketPaw users on PawRadar while you have GPS enabled.
Disable: GPS toggle in Settings, or device Settings → Privacy → Location Services.

11.2 Background Location for Walk / Hike Sessions (Exercise feature)

When: Only while you have actively tapped Start on a Walk or Hike session in PawHub → Exercise. Background tracking automatically stops when you tap Stop, when the configured maximum duration elapses (with a 10-minute warning local notification), or when you uninstall the app. Background location is never collected when no session is active.
iOS permission: "Always" or "When in Use" plus UIBackgroundModes: location. iOS displays a blue background-location indicator while a session is running.
Android permission (v3): equivalent ACCESS_BACKGROUND_LOCATION with a foreground-service notification while a session is running.
What we store: Compressed polyline of the route (Ramer–Douglas–Peucker encoded — not raw per-second coordinates), session start / end times, total distance and duration, reverse-geocoded location name, server-rendered static map thumbnail, and a dog-calorie estimate.
What we do NOT store or infer: Continuous live coordinates, your home / work address inferred from session start / end points (no home-detection inference), or any location data outside an active session.
Visibility: Walk / Hike records are visible to you only. They are not surfaced on PawRadar to other users. Dog-calorie estimates appear only on your own PawHub.
Disable: Stop any active session and revoke "Always" / "When in Use" permission via device Settings. You may also delete individual Walk / Hike records anytime.

11.3 City-Level Location for Website Publication (opt-in)

City name only (e.g. "Hong Kong", "Toronto"), reverse-geocoded once when you enable the "Share to PocketPawApp.com" toggle. Public on pocketpawapp.com. Disable in Settings.

11.4 Country / Region Detection

We use a coarse region signal (derived from device locale and / or your declared region) to filter PawHeart, PawPicks, PawMunity, dog park, and event content. We store both region and countryCode on every doc to support future sub-national personalisation. This signal is not used for tracking.

11.5 MapBox Geocoding

When a Business account submits an address, or when you submit a Lost report and use the in-app location picker, we send the relevant address text or selected coordinates to MapBox for forward or reverse geocoding. MapBox processes only what is necessary to fulfil the request. See Section 5.7.

12. Device Permissions

We request only the permissions necessary for the features you use, and we honour your declines (the affected feature will be unavailable, but the rest of the app continues to work).

Permission	Why we ask	When	Mandatory?
Location — When in Use / Foreground	PawRadar, PawMate, Dog Park proximity, business map	When you open the map	Optional — required for map features
Location — Always / Background	Active Walk / Hike session GPS tracking	Only when you start a Walk / Hike session	Optional — required only for the Exercise feature
Photos / Photo Library	Upload PawFile photo, Growth Marks, PawHeart photos, forum post images, business photos, dog park photos, Lost report photos	When you tap an "upload photo" affordance	Optional — required only to attach photos
Camera	Take a photo directly from within the app for any of the upload flows above	When you tap "take photo"	Optional
Push Notifications	PawMate requests, PawBark messages, PawMunity event reminders, PawTime drop reminders, dog birthday / vaccination reminders, business announcements (if subscribed), subscription / referral updates	At first launch, with separate granular toggles in Settings	Optional
App Intents / Siri & Apple Intelligence (iOS 26+)	Allow voice / agent activation of Walk / Hike start / stop and section navigation	When you use Siri or the Shortcuts app	Optional — see Section 18
Sign in with Apple / Google Sign-In	Account creation / login	At registration	One auth method is required

Local push notifications for vaccination boosters and important dates use iOS UNUserNotificationCenter (and the Android equivalent in v3); these share the platform 64-pending-notification quota.

13. Push Notifications

We use Firebase Cloud Messaging (FCM) to deliver push notifications. Notifications cover: - New PawMate requests, accepted PawMate requests. - New PawBark messages. - PawMunity event reminders (approximately 24 hours before an event you have RSVP'd to). - PawTime exercise-drop reminders (sent when your dog's tracked exercise minutes drop ≥50% over 3 or 7 days; wellness reminder, not medical advice). - Dog birthday reminders. - Vaccination booster reminders (iOS local notifications + push fallback). - Business announcements from PawPRO / PawPRO+ merchants you have opted in to via Bookmark (max 2/month PawPRO, max 4/month PawPRO+). - Subscription and Referral updates (renewals, expiries, bonus PawVIP grants).

You can disable any category in your device Settings → Notifications → PocketPaw (or via the relevant in-app toggle for granular control). Disabling notifications will not affect your ability to use the Services but may mean you miss time-sensitive alerts.

14. Cookies & Tracking Technologies

Website (pocketpawapp.com): Minimal essential cookies (e.g. language preference). For visitors from the UK, EEA, or other jurisdictions requiring prior cookie consent, we display a cookie banner for any non-essential analytics cookies. No advertising, tracking, or third-party marketing cookies.

In-App Analytics: Firebase Analytics on both iOS and (future) Android, using anonymised data; no cross-app tracking; no advertiser sharing. You can opt out of Firebase Analytics in-app where the toggle is available, or by contacting us.

No third-party advertising networks, retargeting pixels, or social-media tracking scripts.

15. Data Breach Notification

In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify you and the relevant authorities as required by applicable law:

EEA / UK: Supervisory authority within 72 hours (GDPR / UK GDPR); affected individuals without undue delay where the risk is high.
Canada (PIPEDA): OPC and affected individuals if a real risk of significant harm exists.
Quebec (Law 25): CAI and affected individuals where the incident presents a serious risk of harm.
Hong Kong (PDPO): Voluntary notification to PCPD per published guidance.
Singapore (PDPA) (v3): PDPC within 72 hours if breach is likely to result in significant harm or affects ≥500 individuals.
Japan (APPI), US states (CCPA, etc.), Australia, New Zealand, Malaysia, Taiwan (v3): per applicable local law.

Notification to you will be provided via in-app alert and / or email.

16. Subscription Data & Multi-Platform Identity

16.1 One account, three platforms

PocketPaw is one service across iOS (currently live), Android (planned v3), and Web (read-only PawPicks today; business backend in v3). We use Firebase Authentication as the cross-platform identity layer — your Firebase uid is your account identity on every platform. Sign in with email / password, Google, or Apple (the latter currently iOS only; email / Google recommended for Android / Web cross-compatibility).

16.2 Server is the source of truth

Your subscription entitlement (PawVIP / PawPRO / PawPRO+) and all business data live in Firestore. We never rely on "this device bought it" — feature access is gated on the server-side entitlement record, so if you buy on iOS the entitlement applies on Android and Web automatically (and vice versa, when those platforms ship).

16.3 Per-source records & resolver

We record subscriptions with a "source" tag — apple (current), google (Android, future), stripe (Web, future), manual (a small number of administratively-granted subscriptions), or referral (bonus PawVIP time earned through the Referral programme). A server-side resolver computes your effective active entitlement as the latest across all sources, so buying on one platform never wipes an entitlement from another. We retain the original transaction ID for each platform for renewal validation and refund handling.

16.4 Apple App Store Server Notifications V2

When you subscribe via Apple, Apple sends server-to-server lifecycle notifications (appStoreServerNotifications Cloud Function) on every event — initial purchase, renewal, cancellation, refund, billing retry, grace period, expiry. Our backend verifies the signed JWS against Apple's root CAs, decodes the transaction, maps the originalTransactionId to your uid, and updates your entitlement record server-side. This means your subscription state stays correct even if the app is closed or uninstalled.

Equivalent server-to-server flows will be implemented for Google Play Billing (Android) and Stripe (Web) when those platforms launch.

16.5 Pricing parity & anti-steering

We charge the same price across iOS, Android, and Web (the platform commission differs but is absorbed by PocketPaw). To comply with Apple's anti-steering rules, we do not direct iOS users to buy elsewhere from within the iOS app. You may always choose where to subscribe; cross-platform recognition is automatic.

Apple receives the App Store Connect product identifier, your Apple ID, and any in-app purchase metadata required by StoreKit 2. We do not receive your credit card details.
Google Play (v3) will receive your Google account identifier and the SKU; we will not receive payment card details.
Stripe (v3) will receive your name, email, and payment instrument for web purchases.

We receive only the subscription state and transaction identifiers necessary to grant the entitlement.

17. Business Account Data (PawPRO / PawPRO+)

This Section 17 supplements (and does not replace) the rest of this Policy. It applies only to users who hold a Business / Service Provider account.

17.1 Information collected for business accounts

Business owner contact name, email, and phone number.
Business name, type (one of 11 categories or NGO Shelter), physical address (geocoded via MapBox), opening hours, menu / service list, descriptions, logo, cover photo, photo gallery (up to 5 for PawPRO / 10 for PawPRO+) and one optional video (PawPRO+ only).
Subscription status (subscriptionValid), tier, Free-Pin claim status.
Customer Q&A entries, booking inquiries, promo code records, click-event counters, loyalty stamp-card records, customer-NPS post-visit survey responses (where collected).

Your business profile data (name, address, hours, photos, description) is publicly visible to PocketPaw users and on the PawRadar map. This is the purpose of a business listing.
Reviews from dog owners about your business carry the reviewer's dog breed snapshot but never the reviewer's identity (no name, no email).
Aggregated visitor counts, click-through counts, rating distributions, and (PawPRO+ only) time-of-day patterns and customer-source heatmap are surfaced to you via the Analytics tab. You will never receive the identity of individual visitors or reviewers.

17.3 The "Active Dashboard" is not real-time

PawPRO+ Analytics → Active Dashboard refreshes approximately every 5 minutes. It is not a real-time feed and must not be relied upon for time-critical decisions. Marketing and UI must use "Active Dashboard / 動態儀表板" — never "real-time / 即時".

PocketPaw does not — and will not — build features that allow veterinarian PawPRO / PawPRO+ merchants to receive individual user health data, vaccination records, weight history, or other PawHub data. Vets are welcome to operate as PawPRO merchants for marketing exposure only, on the same terms as any other business.

17.5 Payment data

All payment processing for PawPRO and PawPRO+ subscriptions is conducted by Apple StoreKit 2 (iOS) and, in v3, by Google Play Billing (Android) or Stripe (Web business backend). We do not store payment card data. See Section 16.

17.6 Pre-seeded Free Pins

PocketPaw may pre-seed Free Pins on the PawRadar map for businesses publicly identified in a launch region. Rightful operators may Claim This Business in the app. Claims are reviewed manually against one of: a phone-number match, business registration, or in-store photo evidence.

17.7 Address change requests

Address changes are submitted via the in-app form and routed via MapBox forward geocoding for verification, then approved manually.

18. AI Assistants, Voice Assistants & App Intents

18.1 PawAdvisor (in-app AI chat and Insight)

PawAdvisor is a PawVIP-exclusive AI assistant powered by Google Vertex AI / Gemini 2.5 Flash, with two surfaces: - PawAdvisor Chat — interactive Q&A. Every turn injects a markdown context block containing your dog's PawFile (name, breed, gender, age, neutered status, city, region), PawHub profile (chip no., water intake), last 20 weight entries, up to 30 document metadata items (no file contents), last 20 vaccinations, capsule count only, upcoming dates, PawPicks food picks (brand + name + community rating + structured nutrition) and toy picks, plus the last 10 messages in the conversation. - PawAdvisor Insight — a separate, periodic AI-generated summary surfaced in-app (e.g., trend observations on your dog's water intake or exercise patterns). The same data classes as Chat may be sent; no file contents, photos, or your personal email / password are ever sent to the AI.

Each session opening shows the in-app disclaimer; your acknowledgement is recorded for audit.

18.2 Voice assistants & App Intents (Siri, Spotlight, Shortcuts, Apple Watch, Apple Intelligence)

On iOS (deployment target iOS 26+), PocketPaw exposes a small set of App Intents that allow voice / on-device-agent activation of: - Start a Walk / Start a Hike (with type parameter); - Stop the current walk / hike; - Open a section (PawRadar, PawMunity, PawMate, PawHub).

Apple's voice / agent assistants (Siri, Apple Intelligence, Apple Watch voice, Shortcuts, Spotlight) may pass the voice / text query through Apple's own systems (which may include on-device or Apple-cloud processing under Apple's own privacy policy) and then invoke our App Intent. The App Intent runs locally in the app; we do not receive a transcript of your voice query — only the resulting parameter values (e.g. "type=hike").

Destructive / paid actions (subscribe, public forum post) require confirmation in-app — assistants never commit such actions silently. Navigation-only intents are safe to expose broadly.

The same architectural approach (via Google's App Actions / App Functions) will be used on Android in v3. Apple's and Google's own data-processing terms govern the assistant layers themselves; once the intent is invoked, our standard data-handling described in this Policy applies.

18.3 No silent agent purchases or posting

We do not allow third-party agents (cloud or on-device) to silently purchase subscriptions, post to the forum on your behalf, or accept PawMate requests on your behalf. Any such action goes through an explicit confirmation step in the app.

19. Deep Links & Universal Links

PocketPaw supports two URL conventions: - Universal links under pocketpawapp.com (e.g. /paw/{pawFileId}, /business/{businessId}, /product/{productId}) — open content directly in the app if installed, or in the website if not. - Custom-scheme deep links under pocketpaw:// (e.g. pocketpaw://walk/start?type=hike, pocketpaw://open/pawhub) — used by App Intents, Shortcuts, and other automation surfaces.

These links carry only identifiers and verbs; they do not transmit your account credentials. When a link opens a private surface (e.g. your own Walk / Hike record), normal authentication is required.

We may update this Policy from time to time. We classify changes as:

Material changes (new categories of data collected, new sharing arrangements, new processing purposes, expanded geographic scope with new processors): we notify you via in-app banner and/or email at least 14 days before the changes take effect (or 30 days for users in the EEA, UK, or Quebec). For sufficiently material changes — including the move from Version 1.0 to this Version 2.0 — continued use is not sufficient consent; you must take an affirmative action (tapping "I accept" on an in-app screen) before continuing to use affected features.
Non-material changes (clarifications, typos, contact-info updates): we update the "Last updated" date.

The "Last updated" date at the top of this Policy reflects the most recent revision. You may always view both the current version and Version 1.0 at Settings → Legal → Privacy Policy → Version history.

If you do not agree to the updated Policy, you should stop using the Services and may delete your account; we will continue to apply Version 1.0 to retained data only insofar as required for legal compliance and dispute resolution.

21. Contact Us

For any questions or requests regarding this Policy or your data:

Email (Privacy Officer): privacy@nextpath.hk
Company: NextPath Solutions Limited
Address: Unit B, 12/F, Hang Seng Causeway Bay Building, 28 Yee Wo Street, Causeway Bay, Hong Kong

We respond within 30 days (or the legally mandated timeframe for your jurisdiction).

This Privacy Policy (Version 2.0) was reviewed by NextPath Solutions Limited's legal team on 23 May 2026 in connection with the PocketPaw v2.0 product release (PawMunity, PawPRO / PawRadar 2.0, Walk / Hike GPS, PawTime, PawMail, Growth Marks rename, Referrals, two-tier moderation, multi-platform sync prep). This document is provided for general informational purposes and does not constitute legal advice. If you have questions about your specific legal rights in your jurisdiction, consult a qualified legal professional.

← Back to Home

Table of Contents