Privacy Policy
Effective date: March 23, 2026
1. Introduction
PawRoute ("we", "us", or "our") operates the pawroute.com website and platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. By using PawRoute, you agree to the collection and use of information as described in this policy.
2. Information We Collect from Groomers
When you register as a groomer on PawRoute, we collect:
- Profile information — business name, display name, profile photo, bio, and service area.
- Service details — services offered, pricing tiers, and pet size categories.
- Availability data — working days, hours, and time-off schedules.
- Account credentials — email address and hashed password (we never store plaintext passwords).
- Revenue and booking data — appointment history, earnings summaries, and client interaction records used to power your dashboard.
3. Information We Collect from Clients
When a client books an appointment through a groomer's booking page, we collect:
- Contact information — full name, email address, and phone number.
- Pet information — pet name, species, breed, size, age, and any special notes (e.g., behavioral or health considerations).
- Booking details — selected service, preferred date/time, and appointment status.
4. Payment Information
PawRoute uses Stripe as our third-party payment processor. When you make or receive a payment through our platform, your payment details (credit/debit card number, billing address) are transmitted directly to Stripe's PCI-DSS compliant infrastructure. PawRoute does not store, process, or have access to your full card numbers. We only receive a transaction confirmation, last four digits of the card, and payment status from Stripe. Please review Stripe's Privacy Policy for details on how they handle your payment data.
5. SMS and Communication Data
PawRoute uses Twilio to send SMS appointment reminders and booking confirmations. When SMS features are enabled, client phone numbers are shared with Twilio solely for the purpose of delivering these messages. We do not use phone numbers for marketing, sell them to third parties, or retain SMS message content beyond delivery confirmation. Clients can opt out of SMS notifications at any time by replying STOP to any message. Please review Twilio's Privacy Policy for more information.
6. Cookies and Local Storage
We use the following technologies:
- Essential cookies — authentication session tokens and CSRF protection. These are strictly necessary for the platform to function and cannot be disabled.
- Analytics cookies — we may use privacy-respecting analytics (for example Cloudflare Web Analytics) to understand aggregate usage patterns. These do not track individual users across sites.
- localStorage — used to store UI preferences (e.g., theme setting, sidebar state) on your device. This data never leaves your browser.
7. Data Retention and Deletion
We retain your data only as long as necessary to provide our services:
- Active accounts — data is retained while your account is active.
- Deleted accounts — when you delete your account, we remove your personal data within 30 days. Some anonymized, aggregated data may be retained for analytics purposes.
- Booking records — completed booking records are retained for 12 months after the appointment date for dispute resolution and legal compliance, then automatically purged.
- Legal obligations — we may retain certain data longer if required by law (e.g., tax records, fraud prevention).
To request deletion of your data, email privacy@pawroute.com or use the "Delete Account" option in your dashboard settings.
8. How We Share Your Data
We do not sell your personal data. We share information only in the following cases:
- Groomer–client relationship — client booking details (name, contact, pet info) are shared with the groomer they booked with, and groomer service info is visible on public booking pages.
- Service providers — Stripe (payments), Twilio (SMS), Cloudflare (hosting), and Supabase (data) process data on our behalf under strict data processing agreements.
- Legal requirements — we may disclose data if required by law, subpoena, or to protect the rights and safety of PawRoute, our users, or the public.
9. Data Security
We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, secure authentication via Supabase Auth, and row-level security policies on our database. However, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but strive to protect your data using commercially reasonable means.
10. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion of your data.
- Object to or restrict certain processing.
- Data portability — receive your data in a structured format.
- Withdraw consent at any time where processing is based on consent.
To exercise any of these rights, contact us at privacy@pawroute.com. We will respond within 30 days.
11. Children's Privacy
PawRoute is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the effective date. Your continued use of PawRoute after changes constitutes acceptance of the updated policy.
13. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us at privacy@pawroute.com.