Sund
Log inSign up

Legal

Privacy Policy

Last updated: May 24, 2026

1. Who we are

Sund Pass ("we", "us", "our") is a dog health wallet operated by Sund, based in The Netherlands. We act as the data controller for personal data processed through the Sund Pass app and website. You can reach us at renske@sund.dog.

2. What we collect

  • Account data: email, display name, optional phone number.
  • Dog profile data: name, breed, date of birth, sex, weight, microchip, photos, country.
  • Health data: vaccinations, medications, vet records (including uploaded photos and documents), behaviour notes, weights.
  • Sharing data: caregiver share links, QR tokens and Sund tag claims you create.
  • Device data: push notification subscription details if you enable reminders.
  • Technical data: minimal logs required to operate the service (e.g. error reports, IP address at request time).

3. Why we process it (legal basis)

  • Contract (Art. 6(1)(b) GDPR): to provide the wallet, store your records, and let you share them.
  • Legitimate interest (Art. 6(1)(f) GDPR): to keep the service secure and prevent abuse.
  • Consent (Art. 6(1)(a) GDPR): for push notifications and optional features.
  • Legal obligation (Art. 6(1)(c) GDPR): when required to comply with EU or national law.

Veterinary records may include data concerning your dog's health. This is not personal data about you, but we treat it with the same level of care.

4. Who we share it with

We do not sell your data. We share it only with infrastructure providers that process data on our behalf under a Data Processing Agreement:

  • Supabase (database, authentication, storage) — EU region.
  • Lovable Cloud — EU-hosted application platform.
  • People you explicitly share a record or QR/Sund tag with.

5. International transfers

Data is stored in the European Union. If any sub-processor transfers data outside the EU/EEA, we rely on the European Commission's Standard Contractual Clauses.

6. How long we keep it

We keep your data for as long as your account is active. When you delete your account, all dogs, records, files, shares and tokens are permanently removed within a reasonable timeframe. Append-only logs required for security or legal reasons may be retained for up to 12 months.

7. Your rights under GDPR

You have the right to:

  • Access a copy of your data — use Settings → Export my data.
  • Rectify inaccurate data — edit your profile and dog records at any time.
  • Erase your data — use Settings → Delete account.
  • Restrict or object to processing.
  • Data portability — exports are provided as machine-readable JSON.
  • Withdraw consent (e.g. disable push notifications).
  • Lodge a complaint with your local supervisory authority (in the Netherlands: Autoriteit Persoonsgegevens).

To exercise any of these rights, email renske@sund.dog.

8. Cookies & analytics

Sund Pass uses only strictly necessary cookies and local storage required to keep you signed in and remember your preferences.

We also collect lightweight, self-hosted product usage events (such as "signup", "dog_created", "record_uploaded") on the lawful basis of legitimate interest (Art. 6(1)(f) GDPR), to understand how Sund Pass is used and to fix problems. These events do not use cookies, do not store your IP address, and are never shared with third-party advertisers. Page-view tracking is only enabled if you accept the cookie banner. Event data is kept for up to 12 months and then deleted.

9. Children

Sund Pass is intended for users aged 16 and over.

10. Changes to this policy

We may update this policy. Material changes will be communicated by email or an in-app notice before they take effect.

11. Contact

Questions or requests: renske@sund.dog.