WOOFIX PRIVACY POLICY
Last updated: 6 June 2025
1 Overview
Woofix ("Woofix," "we," "us," or "our") provides web and mobile software that helps pet-grooming businesses manage appointments, staff, clients and pets. This Privacy Policy explains how we collect, use, disclose and safeguard personal information when you interact with:
- the Woofix mobile or desktop applications (the "App");
- our website at https://www.woofix.io/ and any site that links to this Policy (the "Site"); and
- any other Woofix products or services that display this Policy (together, the "Services").
By accessing or using the Services you agree to this Privacy Policy and our Terms of Service. If you do not agree, please discontinue use of the Services.
We may revise this Privacy Policy from time to time. The "Last updated" date shows when changes take effect. Material changes will be announced by email, in-app notice or other reasonable means.
2 Information We Collect
Category | Examples | Source |
---|---|---|
Information you provide | Business name, address, phone, email, password, staff profiles, profile photos; client and pet records (names, contact details, breed, weight, photos, signatures); appointment notes; messages and support tickets; payment card details processed by Stripe. | Directly from you or your authorised users. |
Device permissions | Calendar entries, camera/microphone input, precise geolocation (GPS/Wi-Fi/Bluetooth). | When you grant the App permission. |
Automatically collected data | IP address, general location, device type, OS, browser, referring pages, clicks, time spent, mobile ad identifiers (IDFA/AAID), cookies and similar technologies. | Cookies, SDKs, pixels, server logs. |
We may create or use aggregated or de-identified information that cannot reasonably identify you; we may use such data for any lawful purpose.
3 How We Use Personal Information
Purpose | Legal basis* |
---|---|
Send transactional communications (booking confirmations, invoices, security alerts). | Contract / legitimate interests |
Customer support and dispute resolution. | Legitimate interests |
Detect and prevent fraud, spam or security incidents. | Legitimate interests / legal obligation |
Comply with Canadian, EU/UK and other applicable laws (e.g., PIPEDA, Law 25, tax rules). | Legal obligation |
Product research, analytics and development. | Legitimate interests |
Marketing – newsletters or promotions (opt-out any time). | Consent / legitimate interests (CASL compliant) |
Corporate transactions (merger, sale). | Legitimate interests |
Any other purpose you consent to. | Consent |
* Additional GDPR details appear in the EEA/UK Addendum.
4 How We Disclose Personal Information
- Within Woofix and its affiliates for internal administration, support and analytics.
- Analytics and marketing partners (with consent where required).
- Regulators or law-enforcement when legally compelled or to protect rights, safety or property.
- Business transfers – personal information may be transferred as part of a merger, acquisition or asset sale.
- With your direction or consent.
- Service providers acting on our behalf, bound by written data-processing agreements, including:
- Supabase (database and file storage, U.S. region unless you request EU hosting);
- Vercel (application hosting and global CDN);
- Stripe (payment processing);
- Twilio (SMS delivery);
- Amazon Web Services (AWS) (backup and infrastructure).
We do not "sell" personal information or share it for cross-context behavioural advertising without consent.
5 Your Rights & Choices
Depending on where you live, you may have the right to:
- Access and obtain a copy of personal information we hold;
- Request correction of inaccurate or incomplete data;
- Withdraw consent and request deletion (subject to legal retention requirements);
- Restrict or object to certain processing;
- Data portability (available to Québec residents from 22 Sept 2024 and EEA/UK users now).
To exercise any right, email contact@woofix.io. We will verify your identity and respond within statutory timelines.
Marketing preferences (CASL)
We send commercial electronic messages only with express or implied consent under CASL. You can unsubscribe at any time; we honour opt-out requests within 10 days.
6 Cookies & Tracking Technologies
We use cookies, pixels and SDKs to:
- keep you signed in and remember preferences;
- measure traffic and performance;
- personalise content;
- advertise Woofix on other platforms (with consent).
You can manage cookies in your browser or device settings; some features may not work if disabled. We use Google Analytics; you can install the Google Analytics Opt-out browser add-on.
Our Sites do not currently respond to "Do Not Track" signals.
7 International Transfers
We store data primarily in Canada and the United States. When personal information is transferred outside Québec, we conduct a Privacy Impact Assessment (PIA) under Law 25 and rely on contractual safeguards such as the EU Standard Contractual Clauses (SCCs) to ensure comparable protection. EU/UK transfers are subject to the GDPR SCCs (see EEA/UK Addendum).
8 Data Retention
We retain personal information only as long as necessary for the purposes above or as required by law (e.g., tax, accounting, dispute-resolution). When retention is no longer justified, we securely delete or anonymise the data.
9 Security & Breach Notification
We employ administrative, technical and physical safeguards—including encryption in transit and at rest, role-based access controls, and regular penetration testing—to protect personal information. If a breach presents a risk of serious harm, we will notify the Québec Commission d'accès à l'information and affected individuals as soon as possible, and in any event within 72 hours for EU/UK users.
No system is 100 % secure; please keep your passwords confidential and notify us immediately of any suspected unauthorised access.
10 Children
The Services are not directed to children under 18. We do not knowingly collect data from minors. If we learn that we have inadvertently collected such information, we will delete it.
11 Contact Us
Privacy Officer: Privacy Officer: Samuel Montplaisir
Email: Email: contact@woofix.io
Mail: Mail: Woofix, 47 Rue Dépatie, Laval (QC) H7L 4Y5, Canada
12 Additional Information for Québec Residents (Law 25)
Topic | Woofix commitment |
---|---|
Privacy Officer | Identified above and reachable at contact@woofix.io |
Breach notification | We will notify the CAI and affected individuals as soon as possible when a breach poses a risk of serious injury. |
Privacy Impact Assessments (PIAs) | Completed for Supabase and Vercel hosting; reviewed annually or when data flows change. |
Consent & transparency | Plain-language disclosures and separate consent for secondary uses or geolocation. |
Automated decisions | See Section 3 – you may request review or explanation. |
Data portability (22 Sept 2024) | Export available in JSON or CSV upon verified request. |
13 Addendum for EEA/UK Residents
Controller: Controller: Woofix
Legal bases: Legal bases: performance of contract; legitimate interests; consent; compliance with legal obligations.
International transfers: International transfers: SCCs + technical/organisational safeguards; copies available on request.
Your GDPR rights: Your GDPR rights: access, rectification, erasure, restriction, objection, portability, and to lodge a complaint with your supervisory authority.
Representative (Art 27): Representative (Art 27): [Insert EU representative's name and contact once appointed].
We respond to rights requests within 30 days.
14 U.S. State Privacy Notice (California, Virginia, etc.)
If you are a resident of a U.S. state with a comprehensive privacy law, you may have additional rights to access, delete, correct, or opt out of certain processing. To exercise those rights, email contact@woofix.io with "U.S. State Privacy Request" in the subject line. We will verify your identity and comply as required by applicable law.