← Back to Home

Privacy Policy

Last Updated: May 5, 2026

Effective Date: May 5, 2026

1. Introduction

MyPetVault (“MyPetVault,” “we,” “us,” or “our”) provides a mobile application and a marketing website at mypetvault.org (collectively, the “Services”) that help people keep and organize their pets’ health records. This Privacy Policy explains what information we collect when you use the Services, why we collect it, how we use it, who we share it with, and what choices you have.

1.1 Data Controller

Iterrum LLC (operating the Services as MyPetVault) is the data controller for the Services. Our mailing address is TODO: add Iterrum LLC mailing address before publishing legal pages. For all data-protection inquiries, contact us at support@mypetvault.org.

1.2 Plain Language and Legal Effect

We have tried to write this policy in plain language. Where legal precision is needed, we have added it. By creating an account or using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use the Services.

MyPetVault is in active development. When practices change in ways that affect your privacy, we will update this document and note the date at the top. Significant changes will be communicated more directly — see Section 12.

2. Information We Collect

We collect only what is needed to run the Services. Below is a description of the categories of information we collect.

2.1 Account Information

When you create a MyPetVault account, the following information is stored in your account record:

• Email address — your unique, case-insensitive account identifier and the address we use for service-related communication, password resets, and email verification.
• Password hash — we never store your password in plaintext. We store only a hash produced by an industry-standard password-hashing function with a per-account salt. See our Security page for details.
• Display name — the name shown in the app. This can be anything you want and does not need to be your legal name.
• Authentication provider — records whether you signed up with email/password or via a federated identity provider (Apple, Google) so we know how to authenticate you.
• Email verification timestamp — set when you click the verification link sent to your address.
• Subscription tier and a RevenueCat customer identifier — used to look up your active subscription entitlements with our subscription processor.
• Avatar storage key — a pointer to your optional profile photo if you upload one.

2.2 Pet Information

For each pet you add, you may provide the following. All fields are under your control and can be left blank:

• Name
• Species (dog, cat, or other)
• Breed
• Sex
• Birthdate (and a derived age label for display)
• Preferred weight unit (pounds or kilograms)
• Free-text notes
• An optional avatar photo

2.3 Health Records

The core purpose of MyPetVault is to keep pet health records. These records are information you choose to add, either by typing them in or by uploading a document. The categories of records we store include:

• Visits: clinic name, reason for visit, summary, and notes.
• Medications: name, instructions, and start or end dates.
• Vaccinations: name, administered date, next due date, a verification flag (so you know whether the entry was confirmed by you), and a link back to the original document we read it from.
• Weights: measured value, unit, and date.
• Allergies: allergen and reaction description.

2.4 Documents You Upload

You may upload documents — vet receipts, lab results, vaccination certificates, and similar — so the app can pull information out of them. We accept common document and image formats. File size and format limits may change over time. The original file is stored in encrypted form by our database and storage providers, alongside its file type, size, and a content hash (used for duplicate detection). We also keep a record of the file’s original filename, optional vet clinic name, vet phone, vet email, and document date.

Uploads are coordinated so the client can resume an interrupted upload, and processed by a background job. The information our document-reading processor returns is stored alongside your records, with one row per candidate field — each candidate includes a structured payload and a confidence summary so you can review, accept, or reject what we read.

OCR and AI-assisted extraction is not guaranteed to be accurate. All extracted fields are presented to you as unconfirmed candidates — no data is written to your record until you explicitly review and confirm it. You are responsible for verifying the accuracy of any information you choose to save.

2.5 Technical Information

The app sends a small amount of technical information with each request so we can serve it correctly and diagnose errors:

• The version of the app you are running (so we know what code path to expect).
• The device platform (for example, iOS or Android) as part of standard HTTP headers.
• An IP address, which is inherent to any internet connection and is used for rate limiting and abuse protection.
• A device push token if you opt in to push notifications, so we can deliver vaccination reminders and similar service-essential alerts.

We do not collect:

• Your precise GPS location.
• Biometric identifiers of any kind (face, fingerprint, voiceprint).
• Content from your contacts, calendar, photo library (other than files you choose to upload), microphone, or SMS.
• Your browsing history outside our Services.
• Your social-graph information.
• Advertising identifiers (no IDFA, no Android Advertising ID).
• Device fingerprints of any kind.

3. How We Use Your Information

We use the information described in Section 2 only for the purposes listed below. For users protected by the EU/UK GDPR, each purpose is paired with the lawful basis on which we rely under Article 6.

• Provide the Services — create your account, authenticate you, store your pets and records, and show them back to you. Lawful basis: contract (Art. 6(1)(b)).
• Read the documents you upload and pull out the records, using the processor described in Section 4. Extracted data is presented for your review and requires your explicit confirmation before being saved. We make no warranty as to the accuracy of automated extraction. Lawful basis: contract (Art. 6(1)(b)) — you asked us to read the document.
• Send service-essential communications (security updates, account issues, password-reset emails, push notifications you have opted into). Lawful basis: contract (Art. 6(1)(b)) for transactional messages; consent (Art. 6(1)(a)) for push notifications.
• Process subscription payments through RevenueCat and the relevant app store. Lawful basis: contract (Art. 6(1)(b)).
• Keep the Services working and safe — apply rate limits, prevent abuse, diagnose errors, and maintain backups. Lawful basis: legitimate interests (Art. 6(1)(f)) in operating a secure and reliable service.
• Respond to support requests and data-rights requests. Lawful basis: contract (Art. 6(1)(b)) and legal obligation (Art. 6(1)(c)).
• Comply with legal obligations that apply to us, such as responding to valid legal process. Lawful basis: legal obligation (Art. 6(1)(c)).
• Measure how the marketing site performs — automatic for visitors from the United States and Canada under those jurisdictions' opt-out frameworks; off by default for the European Economic Area, the United Kingdom, and Switzerland (where our service is currently restricted in any event). See Section 11 for the full mechanics. Lawful basis (where GDPR applies): consent (Art. 6(1)(a)).
• Produce aggregated and anonymized statistics from records in our system, as described in Section 15. Lawful basis: legitimate interests (Art. 6(1)(f)) in understanding pet-health trends and sustaining the Services. Once data has been aggregated and irreversibly anonymized, it ceases to be “personal data” under the GDPR, so further use is not restricted by Article 6.

We do not currently use your uploaded documents or health records to train, fine-tune, or evaluate any AI or machine-learning models. If this practice changes in the future, we will notify you in advance and obtain any consent required by applicable law before doing so.

We may use your information to serve advertising, to build advertising audiences, or to measure advertising performance. You can opt out at any time on our Cookie Settings page or by emailing support@mypetvault.org. See Section 15 for how to opt out of "sale" or "sharing" of personal information for cross-context behavioral advertising under California and other applicable state laws.

Our processing purposes will evolve as the Services develop; we may add, modify, or retire purposes from time to time, and will update this policy when we do. Material changes will be communicated per Section 12.

4. Third-Party Processors

We use a small number of service providers to run MyPetVault. Each one acts as a processor on our behalf, under a written data-processing agreement, and may not use your data for its own purposes. The processors below reflect our current setup. We may add, replace, or remove processors as the Services evolve; we will update this list when we do.

4.1 Supabase (Supabase Inc.) — Auth Bridge, Database, and Storage

Supabase provides the authentication bridge for our email-based flows (password reset, invite acceptance, email verification, and federated sign-in handoff), the managed database that holds the information described in Section 2, and the underlying object storage where uploaded documents live. Supabase receives every category of data described in Section 2 because it operates the database where that data lives. Supabase retains encrypted database backups on its standard rolling backup schedule.

4.2 Vercel (Vercel Inc.) — Marketing Site Hosting

Our marketing website at mypetvault.org is hosted by Vercel. Vercel serves static pages and sees standard web server information such as IP addresses, user agents, and request paths. Vercel does not receive your account contents or any health records.

4.3 Cloudflare (Cloudflare, Inc.) — DNS and Edge

Cloudflare provides DNS resolution and edge network services for mypetvault.org. Cloudflare sees the IP addresses, user agents, and request paths of visitors to the marketing site and routes traffic to Vercel. It does not receive account contents or health records. Cloudflare logs are retained on Cloudflare’s standard schedule.

4.4 Google Cloud (Gemini family of models) (Google LLC) — Document Reading

When you upload a document, the contents of that document are transmitted to Google's Gemini API so it can read the document and return candidate fields (for example, a vaccination name and date). Google is the only third party that receives the contents of documents you upload. The structured prompt we send to Google does not include any account-derived identifier — your name, email address, account ID, address, subscription status, and similar are NOT passed in the prompt. However, the document itself is sent to Google as-is and is not modified or redacted by us before transmission. Documents you upload typically include information printed on them by the vet or clinic, which often includes the pet owner's name and contact details, the vet's name and clinic, phone numbers, and similar — Google receives that information as part of the document content. If you would prefer specific information not be transmitted to Google, redact it on the document before uploading or use manual entry instead. Google processes the request under its Google Cloud / Vertex AI terms, which prohibit Google from using your inputs to train its foundation models.

If you do not want your documents processed by Gemini, you can use MyPetVault without uploading documents at all — every record type can be entered manually. See our Data Rights page for details on opting out of document reading.

4.5 RevenueCat (RevenueCat, Inc.) — Subscription Management

RevenueCat brokers subscription state between the app stores (Apple App Store, Google Play) and our backend. RevenueCat receives a customer identifier, your subscription tier, and the metadata returned by the relevant app store. RevenueCat retains that identifier and historical subscription events on its own retention schedule even after you delete your MyPetVault account, because that information is part of the financial record of the subscription transaction. RevenueCat does not receive any of your pets’ records or uploaded documents.

4.6 Expo (Expo, Inc.) — Push Notification Delivery

We deliver push notifications (for example, vaccination reminders) through Expo’s push notification service. Expo receives the device push token associated with your device and the contents of the notification message. Push notification content is purposely minimal and does not include sensitive medical detail beyond what is needed for the reminder to be useful.

4.7 PostHog (PostHog Inc., US Cloud) — Product Analytics

We use PostHog's US cloud to measure how the marketing site performs (for example, which pages people read before downloading the app). Autocapture, session replay, and heatmaps are turned off. PostHog receives a randomly generated visitor identifier, the page you visited, and standard request metadata. PostHog acts as a processor on our behalf and is contractually prohibited from using the data for its own purposes. The marketing site is not offered to EU/EEA, UK, or Swiss visitors (see Section 9), so PostHog never receives data from residents of those regions. For visitors in the United States or Canada we operate under the US opt-out model — see Section 11 for the cookies set and how to withdraw consent.

4.8 Background Infrastructure

Document reading runs as a background job. Job queueing is handled by background queue infrastructure operated by our cloud provider; this infrastructure stores only the job identifier and a pointer to the document, never the document contents themselves.

4.9 Resend (Resend, Inc.) — Transactional Email

We deliver transactional emails — account verification, password reset, and shared records sent to your vet — through Resend. Resend receives the recipient email address, the email subject and body, and standard delivery telemetry (delivered, bounced, complained). Resend operates under its own privacy policy at resend.com/legal/privacy-policy.

4.10 Planned Processors (not yet active)

When we begin centralized error monitoring, we plan to use Sentry (Functional Software, Inc.). We will update this section before that provider receives any production data.

5. How We Share Information

We do not currently sell or share your personal information (as defined by the California Consumer Privacy Act at Cal. Civ. Code §1798.140(v)(1) and §1798.140(ah)) or your personal data (as defined by GDPR Article 4). If this practice changes in the future, we will update Section 15 of this policy and notify you in advance, and you will have the right to opt out before any sale or sharing begins — see the Data Rights page.

Outside of any future commercial sharing described in Section 15, we share information in the following circumstances:

• With processors we have named in Section 4, and only to the extent necessary for them to provide their service to us.
• With you — we will return your own data to you on request (see Data Rights).
• To comply with legal obligations. If we receive a valid legal request (for example, a subpoena or court order), we will evaluate it carefully and comply only to the extent required by law. Where we are legally allowed to notify you first, we will.
• To protect rights and safety. We may disclose information if we reasonably believe it is necessary to investigate fraud, prevent imminent harm, or enforce our Terms of Service.
• In a business transfer. If Iterrum LLC is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you and give you meaningful choices before any such transfer takes effect.

6. Data Retention

We retain your records for as long as your account is active and you keep them.

When you delete an individual record in the app, we mark it as removed and stop showing it to you immediately. The underlying database row is kept until you delete the account it belongs to or send a record-level purge request to support.

Account-level deletion is described in Section 7 (Your Rights). Once you confirm an account deletion in the app, your user record, every pet, every health entry (visits, medications, vaccinations, weights, allergies), every uploaded document, and the underlying file in storage are removed from our active database in a single operation, with no recovery window.

Encrypted database backups are kept for a limited rolling window — typically up to 30 days — set by our database provider. Records that have been purged from the live database will not be restored from those backups in normal operations; if a disaster-recovery restore is ever required, we will re-apply the deletion as soon as practicable after the restore.

We do not currently delete accounts automatically for inactivity. If you stop using MyPetVault and do nothing, your records remain until you delete the account in the app or ask us to remove them.

Some records may survive deletion of your MyPetVault account because a third party retains them on its own schedule — most notably, RevenueCat retains your subscription transaction history (see Section 4.5). We cannot purge data from a third party’s independent business records on your behalf; you may need to contact that processor directly.

7. Your Rights

You have the right to access, correct, export, and delete the information we hold about you, as well as other rights depending on where you live. A full description of these rights, and how to exercise them, is on our Data Rights page. To make a request, email support@mypetvault.org from the email address on your account.

7.1 Deleting Your Account

You can delete your account and all associated data directly from the app:

1. Open the You tab and tap the gear icon to open Settings.
2. Scroll to Delete Account.
3. Type your email to confirm, then tap Delete account permanently.

Deletion is immediate and irreversible. Your user record, every pet on the account, every health record (visits, medications, vaccinations, weights, allergies), every uploaded document, and the underlying files in storage are removed from our active database in a single operation. We retain no copy that points back to you.

Backups. Encrypted snapshots of the database may be retained for up to 30 days strictly for disaster-recovery purposes. We do not access these backups except in the event of a recovery; if a recovery occurs, we re-apply your deletion as soon as practicable.

Subscriptions. Deleting your account does not cancel an active Apple App Store or Google Play subscription. You must cancel those separately under iOS Settings → Apple ID → Subscriptions or Google Play → Subscriptions. The app surfaces this clearly on the deletion confirmation screen for subscribed users.

If you cannot access the app, email support@mypetvault.org from the address on your account and we will complete the deletion within 30 days.

7.2 Response Times

We aim to acknowledge requests within 30 days of receipt. If a request is complex or we have received many requests, we may extend the response window by up to a further 60 days (90 days total from receipt, in line with GDPR Article 12(3)). We will tell you within the first 30 days if we need the extension and why.

7.3 Right to Lodge a Complaint

If you believe we have mishandled your personal data and you are protected by the GDPR or UK GDPR, you have the right to lodge a complaint with your national supervisory authority. We would prefer the chance to address your concern first — please email support@mypetvault.org — but you are not required to contact us before going to your regulator.

8. Children’s Privacy

MyPetVault is intended for adults keeping track of their pets’ health. The Services are not directed to children under 13 in the United States (the threshold under the Children’s Online Privacy Protection Act, 15 U.S.C. §§6501–6506) or to children under 16 in the European Union (the default threshold under GDPR Article 8) — although we note that we do not currently offer the Service to EU residents (see Section 9). We do not knowingly collect personal information from children below the applicable threshold. If we learn that we have done so without verifiable parental consent, we will delete it. Parents or guardians who believe their child has provided us with personal information should contact support@mypetvault.org.

9. International Users

Our Services are hosted in the United States and we restrict signups and use to residents of the United States and Canada. Visitors from the European Economic Area, the United Kingdom, and Switzerland are blocked at our edge layer.

If you access the Services from outside the United States or Canada, you do so at your own initiative and at your own risk, and you understand that your information may be transferred to, stored, and processed in the United States, where privacy laws may be different from those in your country. We may not be able to honor every right available to you under your local law.

Where we transfer personal data across borders to a processor (for example, to PostHog's US cloud or to Google's globally distributed Gemini infrastructure), we rely on appropriate safeguards permitted by applicable data-protection law, including the European Commission's Standard Contractual Clauses and the UK Information Commissioner's International Data Transfer Addendum where applicable.

10. Security

We use commercially reasonable administrative, technical, and physical safeguards designed to protect personal information. No method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security. Our current measures include password hashing with a per-account salt, signed session tokens using industry-standard cryptographic message authentication, HTTPS with HSTS preload, encryption at rest, row-level security on database tables that hold user data, and rate-limited authentication endpoints. For a full description of our security practices, see the Security page.

11. Cookies, Local Storage, and Analytics

This section describes everything we store on your device through the MyPetVault marketing site and how the analytics defaults work.

11.1 Strictly Necessary Storage

These entries are required to deliver the site you asked for and are set without consent because they implement choices you actively make:

• Language preference — stored as a cookie named mypetvault-locale and a matching localStorage entry, so the site loads in your chosen language on return visits.
• Consent record — when you adjust your analytics choice on the Cookie Settings page, we store your selection as a localStorage entry named mypetvault-consent-v1 so we remember it on return visits.

11.2 Analytics — On by Default in the United States and Canada, Off Otherwise

If you visit from the United States or Canada and your browser is not sending a Do Not Track or Global Privacy Control signal, we automatically load the PostHog browser SDK pointed at PostHog's US cloud. This is permitted under the United States' opt-out privacy framework — the California Consumer Privacy Act, the Virginia Consumer Data Protection Act, the Colorado Privacy Act, and similar state laws all use an opt-out model for analytics and we comply with each of them.

PostHog sets first-party cookies prefixed with ph_. Autocapture is disabled, session replay is disabled, and heatmaps are disabled — we only record explicit page views and a small number of named events (for example, "clicked App Store badge"). We do not collect your name, email, IP address, precise location, or any record of your pets. You can opt out at any time on our Cookie Settings page or by emailing support@mypetvault.org.

If you visit from the European Economic Area, the United Kingdom, or Switzerland, the marketing site is restricted (see Section 9 and Terms Section 2). In the rare case our geo-restriction misses you, we do not load PostHog without your explicit opt-in, in line with GDPR and the ePrivacy Directive.

11.3 Mobile App Analytics, Advertising Identifiers, and Tracking

We may collect product-analytics events from inside the MyPetVault mobile app to understand which features are used, where users encounter problems, and how the Services perform on your device. Mobile-app analytics may be processed by PostHog or other product-analytics providers and may include events derived from your interactions with the app, technical metadata about your device, and identifiers necessary to associate events with the correct account.

On Apple devices, we will request your permission via the App Tracking Transparency (ATT) prompt before using the Identifier for Advertisers (IDFA) for any cross-app or cross-website tracking. You can revoke that permission at any time in iOS Settings → Privacy & Security → Tracking. On Android devices, you can reset your Advertising ID in your device settings or opt out of personalized advertising.

We may also work with advertising and measurement partners to display advertising in the mobile app, to build advertising audiences, and to measure the performance of advertising campaigns. The disclosures and opt-out paths in Section 15 apply to those partners.

11.4 Honored Signals

We honor the Global Privacy Control (GPC) signal and the Do Not Track (DNT) signal on the marketing site: if your browser sends either, we treat it as an opt-out of analytics and do not load PostHog on the marketing site, regardless of region.

11.5 Auth Bridge Pages

Three pages exist on the marketing site only because Supabase auth emails need a web URL to redirect to: /forgot-password, /reset-password, and /set-password. These pages use the publishable (anon) Supabase key, are configured persistSession: false, never persist a session to your browser’s local or session storage, and call signOut() the moment a new password is saved. We hold nothing about you past that single call. The post-confirmation landing page at /email-verified is a static page that holds no tokens at all.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our Services, or applicable law. When we do, we will update the “Last Updated” date at the top of this page.

If the changes are material, we will take reasonable steps to notify you before the changes take effect: by email to the address on your account, by an in-app notification, and by giving at least 30 days’ notice between the announcement and the effective date so you have time to review the change and exercise any rights you wish to.

Your continued use of the Services after the effective date of a revised Privacy Policy constitutes your acceptance of that revised policy.

13. Contact Information

If you have questions about this Privacy Policy or about how MyPetVault handles your data, please contact us at:

Iterrum LLC
Email: support@mypetvault.org
Web: mypetvault.org

Mailing address: TODO: add Iterrum LLC mailing address before publishing legal pages.

We will acknowledge receipt of any privacy inquiry within 48 hours.

14. Effective Date

This Privacy Policy is effective as of May 5, 2026.

15. Commercial Use of Data

Operating the Services costs money. To sustain MyPetVault and continue investing in the product, we may make commercial use of information collected through the Services. This section describes what that may include and how you can opt out where you have the right to do so.

15.1 Aggregated and Anonymized Data

We may produce, retain, license, or sell statistical information derived from records in our system — for example, the percentage of dogs of a given breed in a postal-code region that received a particular vaccine in a given year, or the average interval between rabies booster doses across a sample of cats. Aggregated and anonymized data may include statistics derived from any field in our system.

This information is aggregated (it describes groups, never an identified individual) and anonymized (irreversibly stripped of identifiers in line with the standard set out in Recital 26 of the EU General Data Protection Regulation, so the original record cannot be re-derived from it, even by us). We may use techniques such as removing direct and indirect identifiers, aggregating to a minimum group size below which a statistic is suppressed, and adding statistical noise where appropriate.

Because aggregated and anonymized information is not "personal information" as defined in Cal. Civ. Code §1798.140(v)(3) and is not "personal data" under GDPR Article 4, sharing, licensing, or selling it is not a "sale" or "share" of personal information under the CCPA / CPRA, and it is not subject to the lawful-basis requirements of GDPR Article 6 once anonymization is complete.

15.2 Personal Data

We do not currently sell or license identifiable personal information to third parties. If this practice changes in the future, we will update this policy and notify you at least 30 days before the change takes effect, as described in Section 12.

15.3 Your Right to Opt Out

California residents and residents of other US states with comprehensive consumer-privacy laws have the right to opt out of the "sale" or "sharing" of their personal information, and the right to limit the use of sensitive personal information, as defined by the applicable state law. We honor those rights. To exercise the right to opt out, visit Cookie Settings, visit Data Rights, or send a request to support@mypetvault.org from the address on your account with the subject line "Do Not Sell or Share My Personal Information". We honor the Global Privacy Control (GPC) browser signal as a valid opt-out request. We will not discriminate against you for exercising this right.

Sharing or selling personal information from a known minor under 16 in California requires the minor's affirmative authorization (or, for under-13s, parental authorization). The Services are intended for adults; if we learn that a minor under the applicable age has used the Services without proper authorization, we will refrain from selling or sharing their personal information.

Even where we are not legally required to honor an opt-out request, we will use commercially reasonable efforts to do so. Once an opt-out is processed, we will exclude your records from future commercial sharing or licensing as soon as practicable and generally within 30 days. We cannot retroactively recall data that has already been transferred to a third-party recipient or that is part of a previously aggregated dataset.

16. Notice at Collection (CCPA)

This section is the “notice at collection” required by the California Consumer Privacy Act, as amended by the California Privacy Rights Act, for California residents. It summarizes Section 2 (what we collect) and Section 3 (why) in the categories the statute uses.

We collect the following categories of personal information:

• Identifiers — your email address, your account identifier, and the IP address inherent to any internet request.
• Account information — your display name, password hash, authentication provider, email-verification timestamp, subscription tier, RevenueCat customer identifier, and a pointer to your optional avatar.
• Pet health records — the visit, medication, vaccination, weight, and allergy entries you create about your pets. (Note: under California law, pet medical information is not “medical information” as defined in the CMIA — that statute applies to records about people. We treat it with the same care nonetheless.)
• Documents you upload — the original file you upload, its filename and metadata, its content hash, and the candidate fields we read from it.
• Technical and device data — app version, device platform, IP address, and (if you opt in to push) a device push token.

We use this information for the following business and commercial purposes:

• Operating the Services — storing your records, authenticating you, reading the documents you upload, and showing your records back to you.
• Subscription billing through RevenueCat and the relevant app store.
• Push notifications you opt in to (for example, vaccination reminders).
• Security, abuse prevention, and diagnostics.
• Product analytics and performance measurement on the marketing site and inside the mobile app.
• Advertising, audience-building, and advertising performance measurement.
• Compiling aggregated and anonymized statistics, as described in Section 15.

We do not currently sell or share any of the categories of personal information listed above. If this practice changes in the future, we will update Section 15 and notify California residents in advance. We retain personal information for as long as your account is active and we aim to permanently purge it as soon as practicable and generally within 30 days of a verified deletion request, subject to backup-retention and third-party-records caveats described in Section 6. To exercise your California rights (right to know, right to delete, right to correct, right to limit use of sensitive personal information, right to opt out of any future sale or sharing), see our Data Rights page.