Last updated: May 21, 2026
Privacy Policy
This Privacy Policy explains how VodoleyStudio, operating PetKindred and referred to as "we", "us", or "our", collects, uses, and shares information when you use our website and services, the "Service". PetKindred helps users create, save, manage, and share pet family trees.
If you do not agree with this Policy, do not use the Service.
1. Who We Are
VodoleyStudio is the controller of personal data processed under this Policy unless stated otherwise. PetKindred is the Service operated by VodoleyStudio.
2. Information We Collect
2.1 Account and Profile Information
We collect account information such as your email address, authentication status, profile identifier, account role, optional first name, optional last name, optional birth date, display name, account settings, and selected active tree. Passwords are handled through our authentication provider and are not stored by us in plaintext.
2.2 Pet, Tree, and Family Graph Information
We collect the pet and tree information you submit or save in the Service. This may include pet names, species, breed, sex, life status, birth dates, memorial dates, family start dates, notes or summaries, tree names and descriptions, family relationships, tree layout and workspace state, visibility settings, memberships, and private share-link settings.
2.3 Media
If you upload or attach pet photos or avatars, we collect the uploaded media, media metadata, and uploader ownership metadata needed to display and manage the media in PetKindred.
2.4 Billing and Subscription Information
If you purchase or manage a paid plan, we collect subscription status, customer identifiers, transaction identifiers, limited billing metadata, plan and entitlement information, cancellation state, renewal timing, and payment history metadata provided by Paddle or other payment providers. We do not store full payment card details on our servers.
2.5 Support and Account Deletion Requests
If you contact us, we collect the information you provide in your message. If you request account deletion, we may retain limited audit information such as masked or hashed email, related billing identifiers, request status, and timestamps as needed for security, compliance, and dispute handling.
2.6 Technical, Usage, and Log Data
We do not intentionally collect or store your IP address or device identifiers as part of your account profile. However, our hosting, authentication, database, payment, security, and infrastructure providers may process limited technical data, including IP address, user agent, request timestamps, error logs, and operational logs, for security, abuse prevention, diagnostics, and service operation.
We may process limited technical, usage, and analytics data generated automatically when you use the Service, such as feature usage, session events, performance metrics, error reports, and request timestamps. Where feasible, this data is processed in aggregated, anonymized, hashed, or pseudonymized form.
2.7 Cookies and Similar Technologies
We use cookies and similar technologies for essential functionality such as authentication, session management, security, and checkout flow continuity. We may use optional analytics or monitoring technologies where applicable and where permitted by law.
You can manage or disable cookies through your browser or device settings. Disabling essential cookies may affect authentication, session persistence, checkout, or security-related functionality. Where required by applicable law, we will request your consent before using non-essential cookies or similar technologies.
2.8 Browser-Local Storage
PetKindred may use browser-local storage, including localStorage and sessionStorage, to provide requested features without immediately saving everything to our servers. This may include unsaved sandbox pet and tree drafts, uploaded pet photo previews or data URLs, sandbox transfer tokens and pending save or share state, pending Premium actions, and local preferences such as theme, tree view, timeline view, and export quality settings.
Browser-local information may remain on your device after you close the browser and may not be removed by account deletion or server-side deletion because it is stored in your own browser. You can clear browser-local information by using available reset or discard controls in the Service, clearing browser storage, or using your browser or device settings.
When you choose to save, share, or transfer a draft, relevant draft information and uploaded photo data may be sent to PetKindred servers so we can create or update your account tree, apply your requested visibility settings, and provide the requested Service functionality.
3. How We Use Information
We use information to provide and operate PetKindred, including account creation, authentication, profile settings, tree creation, pet and relationship management, visibility controls, public and private sharing, subscription management, customer support, account deletion, abuse prevention, security, troubleshooting, reliability monitoring, service improvement, and enforcement of our Terms and applicable law.
4. Pet Tree Visibility and Sharing
PetKindred supports private and public tree visibility. If you make a tree public, information in that public tree projection may be visible to people who access the public page. If you create a private read-only share link, anyone with the valid link may be able to view the shared tree while the link remains active and permitted by your plan.
You are responsible for choosing appropriate visibility settings and for avoiding submission of personal data about other people unless you have the necessary rights, permissions, and lawful basis to do so.
5. Content Handling, Safety, and Compliance
To operate the Service and maintain safety and quality, authorized personnel may access, review, and work with account, tree, pet, media, billing, and support information for purposes such as support, handling account requests, investigating abuse or security incidents, resolving technical issues, maintaining service quality, and complying with legal obligations.
Such access is subject to internal access controls, confidentiality obligations, and applicable policies.
6. Legal Bases for Processing, EEA and UK
Where GDPR or UK GDPR applies, we process personal data based on performance of a contract to provide the Service, legitimate interests such as security, abuse prevention, fraud prevention, support, and service improvement balanced against your rights, consent where required, and legal obligations including accounting, tax, and compliance requirements.
The Service may use automated processes to manage authentication, subscriptions, entitlement limits, rate limits, abuse detection, and access restrictions. These processes are designed to protect the Service and users and do not involve automated decision making that produces legal or similarly significant effects unless required to operate the Service.
7. How We Share Information
We may share or make personal data available to third parties only to the extent necessary to operate the Service. Such third parties may include cloud hosting and infrastructure providers, database and storage providers, authentication providers, payment processors, customer support tools, analytics and monitoring services, email delivery services, and security providers.
These third parties process data under contractual obligations and are required to apply appropriate confidentiality and data protection measures. We do not sell personal information.
8. Third Party Services
The Service relies on third-party services for functions such as authentication, database and storage, payments and subscriptions, hosting and infrastructure, monitoring, and support. Their processing of personal data is governed by their own privacy policies where they act as independent controllers or service providers.
9. International Data Transfers
Your information may be processed in countries other than your own. Where required, we use appropriate safeguards for international data transfers in accordance with applicable law.
10. Data Retention
We retain personal data, pet and tree content, media, subscription metadata, technical logs, and support records for as long as necessary to provide the Service, maintain security, resolve disputes, enforce agreements, and comply with legal obligations. Retention periods may vary by data type, and we aim to delete or anonymize data when it is no longer needed.
10.1 Billing Records
When you purchase or manage a subscription, payment records, receipts, invoices, and related billing metadata may be generated by Paddle or other payment providers and may include transaction date, amount, currency, product or plan, customer identifier, subscription identifier, and your email address.
Billing and payment records may be retained for up to six years from the transaction date, or longer if required by applicable accounting, tax, financial, or compliance laws. After the applicable retention period expires, you may request deletion of billing-related data that is no longer required to be retained by law by contacting us through our contact form.
11. Account Deletion
You may request deletion of your account through available self-service settings or by contacting us. When you delete your account, we will delete or anonymize personal data and associated PetKindred content where reasonably possible, subject to legal obligations and legitimate interests such as fraud prevention, security, accounting, dispute handling, and compliance requirements.
Account deletion may remove your profile, memberships, owned trees, uploaded media ownership, and authentication access. It may also cancel future subscription renewals where technically available. Deletion does not immediately remove data from backups or logs, which may be retained for limited periods for security, compliance, and disaster recovery before deletion or anonymization.
12. Your Rights
Depending on your location, you may have rights to access, correct, or delete your personal data, to object to or restrict processing, to data portability, and to withdraw consent where processing is based on consent.
To exercise your rights, contact us through our contact form. We may need to verify your identity before responding to such requests.
California residents may have the right to request disclosure of the categories of personal information we collect, use, and disclose, the purposes of such processing, and deletion of personal information, subject to legal exceptions. We do not sell or share personal information as defined under the California Consumer Privacy Act. You may exercise your rights by contacting us through our contact form.
13. Security
We implement reasonable technical and organizational measures designed to protect information. No system is completely secure, and we cannot guarantee absolute security.
14. Children
The Service is not intended for children under the age of 13 or the minimum age required in your jurisdiction. If you believe a child has provided personal data, please contact us.
15. Changes to This Policy
We may update this Policy from time to time. We will post the updated version and revise the last updated date. If changes are material, we may provide additional notice. Continued use of the Service after updates means you have read and understood the updated Policy.
16. Contact
VodoleyStudio
Contact us through our contact form.