Zoaria is committed to protecting your privacy and the privacy of your pets' health information. This policy explains what data we collect, how we use it, and your rights under GDPR.
Zoaria ("we", "us", "our") is the data controller for personal information collected through our platform. We process data in compliance with EU Regulation 2016/679 (GDPR) and applicable Bulgarian data protection legislation.
We collect information you provide directly: name, email address, account credentials, pet information (name, species, breed, age, weight, health records, vaccination history), location, and profile information. For veterinary professionals, we also collect professional credentials and license documents. We collect usage data including pages visited, features used, and interaction logs.
We process your data based on: (a) contractual necessity — to provide the Zoaria service you have requested; (b) legitimate interests — to improve our platform, prevent fraud, and ensure security; (c) consent — for marketing communications and non-essential cookies, which you may withdraw at any time; (d) legal obligation — where required by applicable law.
Pet health records, medical history, vaccination data, and uploaded documents are treated with the highest level of security. This data is stored encrypted, accessible only to the pet owner and any veterinary professionals they explicitly share it with via the QR card or appointment system. We do not use pet health data for advertising purposes.
We use your data to operate and improve the Zoaria platform, to facilitate connections between pet owners and service providers, to send appointment reminders and vaccination alerts you have requested, to process payments securely through Stripe, to verify professional credentials, and to comply with legal obligations.
We do not sell your personal data. We share data only with: (a) veterinary professionals you book appointments with or message; (b) Stripe for payment processing; (c) Supabase for secure cloud storage and database services; (d) law enforcement when legally required. All third-party processors are bound by data processing agreements compliant with GDPR.
We retain your account data for as long as your account is active. Pet health records are retained for a minimum of 5 years to support ongoing veterinary care, unless you request deletion. Payment records are retained for 7 years as required by Bulgarian tax law. You may request deletion of all other data at any time.
You have the right to: access all personal data we hold about you; correct inaccurate data; request deletion of your data ("right to be forgotten"); object to processing; request data portability in a machine-readable format; withdraw consent at any time; lodge a complaint with the Bulgarian Commission for Personal Data Protection (CPDP) at cpdp.bg.
We use essential cookies required for authentication and security. We do not use advertising or tracking cookies without your explicit consent. You can manage cookie preferences through your browser settings.
We implement appropriate technical and organizational security measures including encrypted data storage, secure HTTPS transmission, access controls and authentication, regular security reviews, and incident response procedures. In the event of a data breach affecting your rights, we will notify you and the relevant authorities within 72 hours as required by GDPR.
For privacy-related inquiries, to exercise your rights, or to contact our Data Protection Officer, please email privacy@zoaria.com. We will respond to all requests within 30 days.