Privacy Policy

SixPawCat Technology Co., Ltd. ("we", "us") respects and protects the privacy of every user. This policy is drafted in accordance with applicable data protection laws including the EU GDPR, California CCPA, and other regulations of your jurisdiction. It covers all SixPawCat products, including:

• CyberLife — a cyberpunk-themed subscription manager
• PawMemo — a growth journal for multi-pet families
• Other SixPawCat products to be released in the future (announced separately when launched)

This policy explains what information we collect when you use these products, how it is used and stored, and the rights you have.

1. Information We Collect

We collect only the minimum information needed to provide the service:

1.1 Common Account Information (all products)

• Email address (account identifier)
• Securely hashed password (one-way hash)
• Display name and avatar (optional, set by you)

1.2 CyberLife Business Data

• Subscription service name, amount, currency, billing cycle, and reminder times you enter
• Local push reminder settings

1.3 PawMemo Business Data

• Pet profiles: name, breed, birthday, gender, color, weight, and other basics
• Records: photos, videos, text, tags, and timestamps you upload
• Family info: family name and member relationships

1.4 Common Device Information

• Device model, OS version, App version
• Used solely for crash diagnostics and compatibility

1.5 Information We Explicitly Do Not Collect

Products covered by this policy do not collect any of the following:

• Precise or coarse location
• Contacts, call logs, or SMS content
• Microphone recordings (unless you actively use related features)
• Health, fitness, or biometric (fingerprint / face) data
• Browsing or search history
• Device advertising identifiers (IDFA / GAID)
• Any cross-app tracking identifier beyond the email you sign up with

1.6 Sensitive Personal Information

Products covered by this policy do not actively collect sensitive personal information categories such as government IDs, financial account credentials, biometric identifiers, geolocation, or health data. Account login credentials (with passwords stored as one-way hashes) qualify as "Sensitive Personal Information" under the California Consumer Privacy Act (as amended by the CPRA) and are used solely for authentication, service provision, and legal compliance — never for any secondary purpose. California residents may exercise the Right to Limit Use of Sensitive Personal Information under CPRA (see Section 6). CyberLife subscription amounts are treated as ordinary financial records, not sensitive personal information.

2. Data Storage, Security & International Transfers

Account information and business data for international users are stored on cloud servers located in the United States. (Users in mainland China access a separate region with data stored in China per local law.) All data in transit is protected using industry-standard encryption protocols (HTTPS / TLS), and passwords are one-way hashed before storage — we cannot read your plaintext password. Sync data is also encrypted at rest.

2.1 Cross-Border Data Transfers

If you are located in the European Economic Area (EEA), the United Kingdom, Switzerland, or other jurisdictions where international data transfer rules apply: when your data is transferred to our cloud servers in the United States, we rely on lawful transfer mechanisms including the European Commission's Standard Contractual Clauses (SCCs) or equivalent safeguards. By using our services, you acknowledge and consent to this transfer.

3. Third-Party SDKs & Services

To deliver complete functionality, we integrate services from the following third-party companies:

• Apple: in-app purchases and subscriptions via StoreKit; cross-device sync via iCloud (CloudKit), only when you enable it and controlled by your Apple ID
• Google (if applicable): third-party sign-in via Google Sign-In; subscriptions via Google Play (Android)
• Cloud infrastructure providers: server hosting, file storage, and email-based verification codes

All products covered by this policy do not embed any analytics, advertising, or tracking SDKs. We do not share your business data with third parties for advertising or marketing.

3.1 Google API Limited Use (if applicable)

For SixPawCat products that integrate Google Sign-In or other Google APIs: SixPawCat's use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for advertising, sell it to third parties, or use it to train any AI/ML models.

3.2 Third-Party Privacy Policies

• Apple Privacy Policy: apple.com/legal/privacy
• Google Privacy Policy: policies.google.com/privacy

4. Sharing & Disclosure

We do not sell, rent, or share your personal information with any third party for advertising or marketing. We may disclose information only when:

• You have given explicit prior consent
• Required by valid legal process from competent authorities
• Necessary to protect public safety or comply with applicable law

PawMemo Family Sharing: Members of the same family group can see pet profiles, records, and photos in that family. This is a core product feature. Please make sure you trust the people you invite before adding them.

5. Data Retention

We retain your personal information only for as long as necessary:

• Account information: retained while your account is active
• Business data (subscriptions, pet profiles, uploaded photos / videos / text): retained while your account is active
• Backup data: removed from all backups within 30 days after account deletion
• Crash diagnostic logs: automatically purged after 90 days
• Email verification codes: expire 24 hours after issuance

Where law requires longer retention (e.g., transaction records, tax records), we retain such data for the legally mandated period.

6. Your Rights (GDPR / CCPA / Other)

Under the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the UK Data Protection Act, and other applicable data protection laws, you have the rights to:

• Access, correct, export (data portability), or delete your personal data
• Withdraw consent at any time
• Object to processing or request restriction of processing
• Opt out of any sale or sharing of personal data (we do not sell or share for cross-context behavioral advertising)

6.1 How to Exercise Your Rights

• Self-service in app: Go to Settings → Account → Delete Account in any of our apps to permanently erase all cloud data
• Email request: contact privacy@sixpawcat.com with your request. We will respond within 30 days. We may ask for verification information to confirm your identity before fulfilling sensitive requests.

6.2 Right to Lodge a Complaint

If you are an EEA, UK, or Swiss resident, you have the right to lodge a complaint with your local data protection supervisory authority. California residents may contact the California Attorney General. We encourage you to contact us first so we can address your concerns directly.

7. App Permissions

Different products request different system permissions:

7.1 CyberLife Permissions

• Notifications: send subscription renewal reminders
• Network: sign-in, data sync, exchange-rate refresh
• Camera: scan promo code QR codes (optional)

7.2 PawMemo Permissions

• Camera: capture pet photos and videos
• Photos: import existing pictures into records
• Notifications: send vaccine, deworming, and health reminders
• Network: sign-in and data sync

All permissions can be revoked anytime in iOS or Android system settings. Disabling a permission may render the corresponding feature unavailable.

8. Children's Privacy

The products covered by this policy are not directed to children under 13 (or the equivalent age in your jurisdiction, e.g., 16 in some EU countries). We do not knowingly collect personal information from children under 13. If we discover that a child has provided us personal information without verifiable parental consent, we will delete it immediately. If you are a parent or guardian and become aware that your child has submitted personal information to us, please contact privacy@sixpawcat.com so we can take action.

9. Policy Updates

We may update this policy from time to time. The "Last Updated" date at the top reflects the most recent revision. For material changes that affect your rights, we will notify you in advance through in-app notice, email, or other reasonable means.

10. Website Cookies & Tracking

The sixpawcat.com website itself does not use cookies, web analytics, advertising pixels, or browser fingerprinting. This statement applies to this website only; data collection for SixPawCat mobile apps is described in the product sections above.

11. Contact Us

For any questions or suggestions about this policy, contact: privacy@sixpawcat.com

12. Legal Entity

• Company name: SixPawCat Technology Co., Ltd.
• Registered jurisdiction: People's Republic of China (Hangzhou, Zhejiang)
• Privacy contact: privacy@sixpawcat.com
• General contact: connect@sixpawcat.com

This information is provided for transparency and legal compliance under applicable data protection laws.