Skip to content
MyPetVault logo
How it worksPricingHelpGet the app

← Back to Home

Security

Last Updated June 17, 2026

Pet health records are personal. Vaccine dates, medications, allergies, notes from your vet — that information belongs to you and your family, and MyPetVault is built around that idea. This page explains, in plain language, how we protect your account and the information you store with us.

MyPetVault is still in active development. The practices below describe what the app does today. When we add new protections, we will update this page and note the date at the top.

Security is an ongoing practice, not a fixed checklist. The technical measures described below reflect our current setup and will evolve over time as the threat landscape changes and our infrastructure matures. We may add, remove, or change individual safeguards without amending this page.

At a glance

Your vault is a locked box.

You choose when to open a small door. A clinic can drop records in. A vet, sitter, or family member can use a link you send. When the time is up, or when you turn it off, the old code stops working.

A drop-off door

Someone can send records in, but they cannot open the rest of your pet's vault.

Keys expire

An email can stay in an inbox, but the link inside is built to stop working.

You can close it

Turn sharing off or make a new code, and the old one no longer opens.

You check what gets saved

New records wait for you to review them before they go into your pet's profile.

1. How We Protect Your Account

1.1 Passwords

We never store or transmit your password in plaintext, and no one on our team can see it — not now, not ever. When you create an account or change your password, we hash it using an industry-standard password-hashing function configured to current best-practice parameters. Only the hash is stored. When you sign in, we compare your entry against that hash. If our database were ever compromised, attackers would find hashes, not passwords. We also enforce industry-standard password complexity requirements when you choose a new password.

1.2 Sessions

After you sign in, the app uses a signed bearer session token that the server verifies on every request, which means tokens cannot be tampered with or forged. If a token is invalid, the request is rejected.

1.3 Rate Limiting

Sign-in, sign-up, and general API requests are rate-limited to levels consistent with industry guidance to defeat credential-stuffing and brute-force attacks. We do not publish specific thresholds because doing so would simply tell an attacker their budget.

1.4 Where Sign-In Lives

All sign-in happens inside the mobile app. The marketing site you are reading does not host login, signup, or session-bearing account surfaces — those all live in the app under Settings. We use Supabase Auth as our authentication processor. You can sign in with an email and password or with your Apple or Google account; when you use Apple or Google, the provider confirms your identity and we never receive the password for that account. Multi-factor sign-in is on our roadmap but not yet available.

The one exception is the password reset flow at /forgot-password and /reset-password. Those pages exist because Supabase recovery emails need a web landing page to receive the recovery token. They use the publishable (anon) Supabase key, never persist a session to browser storage, and call signOut() the moment your new password is saved. Other than a launch-notification email you choose to give us — described in 1.5 below — the marketing site holds nothing about you past that single call.

1.5 The Launch Waitlist

Before the app is published, the marketing site offers a launch-notification form. If you enter your email there, it is written to a single table in our Supabase project and used only to email you when MyPetVault launches. The form uses a publishable (anon) key whose database permissions are insert-only: it can add your address to the list but cannot read, change, or delete it, so the public site can never pull the waitlist back out. Repeat sign-ups are de-duplicated, and the form is guarded by a hidden honeypot field plus database-level checks on the address format and length to limit automated abuse. Your waitlist email is kept separate from any app account you may later create, is never sold, and is never added to advertising audiences.

You can ask us to remove your waitlist email at any time by writing to support@mypetvault.org.

2. How We Protect Your Data

2.1 Transport

All traffic between your device, our marketing site, and our API is carried over HTTPS using modern TLS. We use HSTS preload so that compliant browsers will refuse to connect over plain HTTP at all. Requests that arrive without TLS are rejected.

2.2 Storage

Your records and uploaded documents (PDFs and images) are stored in encrypted form by our database and storage providers, with encryption at rest. The exact storage layout is an implementation detail we may change to improve performance or durability. Whichever layout we use, your documents live inside the same encryption boundary as the rest of your account data. Each document is also associated with a content hash so we can detect duplicates without re-storing identical files.

2.3 Access Controls

Only the application code that needs to read or write your records can do so, and only in the context of a request authenticated as you. Employees do not have routine access to customer data. Any access for debugging or support is limited to what is necessary and is never used for marketing, profiling, or model training.

2.4 Third-Party Risks

Our Services rely on third-party infrastructure providers (hosting, database, storage, analytics, authentication, AI). We exercise reasonable care in selecting providers but we do not control their internal security practices. A security incident at one of our providers could affect data we have entrusted to them, despite our safeguards.

2.5 No Guarantees

No method of electronic transmission, storage, or processing is 100% secure. While we use commercially reasonable safeguards, we cannot guarantee absolute security and you use the Services at your own risk.

3. Document Extraction and Google Gemini

Plain-English disclosure: When you upload a document to MyPetVault, its contents are sent to Google's Gemini API so that Google can read the document and return structured data (for example, extracting a vaccination name and date from a vet receipt). The structured prompt we send alongside the document does not include any information from your MyPetVault account — we do not pass your email, your account ID, your name, your address, your subscription tier, or any other account-derived identifier in the request. We do not, however, modify, redact, or strip the document itself before sending it. Vet receipts, prescriptions, vaccination cards, and similar documents commonly have personal and contact information printed on them — for example, the pet owner's name and address, the veterinarian's name and clinic, phone numbers, and email addresses. Whatever is printed on the document is part of what Google receives. If you do not want a particular piece of information to leave our system, you can either redact it on the document before uploading, skip the upload entirely and enter the record manually, or contact us to discuss alternatives. Google processes the request under its own API terms and privacy practices.

Once Google returns the extracted fields, MyPetVault presents them to you as candidate records, card by card, and you review and confirm each one before anything is saved to your pet's profile. Nothing is added to your records automatically.

If you would prefer not to have a document processed by Google Gemini, you do not have to upload it. You can always enter records (visits, medications, vaccinations, weights, allergies) manually in the app. Manual entry never involves any third-party processor.

For the full list of what data is handled and by whom, see our Privacy Policy.

4. Sharing Records Through Limited Links

4.1 One-Way Upload Links

Inside the app, you can invite someone — a veterinary clinic, a family member, or a friend — to send records straight into one of your pets' profiles without giving them any access to your account. You create a secure upload link, which the app can also display as a QR code so a clinic can open it by scanning. Each link is built around a few deliberate limits:

  • Time-limited. Every link carries an expiry that you set. Once it lapses, the link stops working and can no longer be used to upload anything.
  • Scoped. A link applies only to the specific pets and record types you choose when you create it. Whoever opens it can add records to those pets and nothing else, and cannot see or browse the rest of your account.
  • Upload-only. The link grants permission to add a document, not to read, change, or delete anything you already have. It carries no session and never signs the holder in to your account.
  • Capped. Each link limits how many files and how much total data can be sent through it.
  • Held for your approval. Anything sent through a link arrives marked as pending and is not added to your pet's records until you review and approve it. You can decline it, and the sender can withdraw it before you review it.

Before submitting, the person uploading is asked to confirm that they are sending the records at your request or with your authorization. The upload page is built to reveal as little as possible: it is hidden from search engines, sends no referrer, and is served fresh on every request without caching. The link itself is an opaque token — the website never decodes, stores, or logs it; it is handed directly to our API, which is the only place that resolves what the link is allowed to do.

For how an uploaded record is stored and what we log about an upload (such as the uploader's label, the time, and the originating IP address, kept for audit and abuse protection), see Section 2 above and Section 2.5 of our Privacy Policy.

4.2 Temporary Share and Download Links

When you generate a share package or send records by email, MyPetVault is designed to use time-limited access links instead of treating someone's inbox like permanent storage. The message may stay in an inbox, but the key inside is temporary.

If you revoke sharing, rotate the URL, or the link expires, the old link should no longer grant access through MyPetVault. If a recipient already downloaded or saved a copy outside MyPetVault, we cannot remove that local copy from their device or inbox; expiration and revocation prevent future access through our link.

5. What We Do Not Do

Some security protections come from things we structurally do not do. MyPetVault does not:

  • Use session replay tools, full-keystroke recorders, or screen-capture instrumentation that would let us reconstruct your interactions with the app.
  • Fingerprint your device using browser, OS, or hardware characteristics in an attempt to identify you across other apps or websites that are not ours.
  • Sell, transfer, or otherwise disclose payment-card data to third parties — payment processing happens entirely inside Apple App Store or Google Play and we never see your card details.
  • Read or process documents you have not uploaded — manual record entry never sends data to our document-extraction provider.
  • Use your account password for any purpose other than verifying your sign-in. We never store, transmit, or display your password in plaintext, and no one on our team can see it.

What we may do — including using analytics inside the app and working with advertising partners — is described in our Privacy Policy. The Privacy Policy is the authoritative description of our data practices and may be updated from time to time as the Services evolve. Where applicable law gives you a right to opt out of any of these practices, the Cookie Settings page and the Data Rights page describe how to exercise that right.

We do collect anonymous web analytics on the marketing site for visitors from the United States and Canada, automatically, in line with the opt-out privacy frameworks those jurisdictions use. Analytics are processed in PostHog's and Google Analytics' US regions. The Tech Blog may also load Google AdSense for ads. We do not load analytics or AdSense for visitors with Do Not Track or Global Privacy Control enabled. See Privacy Policy Section 11 for what is collected and the Cookie Settings page to opt out at any time.

6. Reporting a Security Issue

If you believe you have found a security vulnerability in MyPetVault, we would like to hear about it. We support responsible disclosure and will not take legal action against researchers who act in good faith, avoid privacy violations, and give us a reasonable window to investigate and fix the issue before public disclosure.

Please email support@mypetvault.org with the subject line Security disclosure and include:

  • A clear description of the issue and its potential impact.
  • Steps to reproduce, or a proof of concept if you have one.
  • Any relevant URLs, request payloads, or screenshots.
  • How you would like to be credited, if at all.

We aim to respond to security reports as soon as practicable and will keep you informed throughout our investigation.

We also publish a security contact in /.well-known/security.txt per RFC 9116.

7. Questions

If you have general questions about how MyPetVault handles your data, the Privacy Policy and Data Rights pages are the best starting points. You can also reach us at:

Iterrum LLC
Email: support@mypetvault.org
Mailing address: 9528 Miramar Rd, Unit 6207, San Diego, CA 92126, United States

MyPetVault logoEVERY RECORD · KEPT SAFE

One trusted place for every pet record.

Product

  • Why we made it
  • What it does
  • How it works
  • Pricing
  • Get the app
  • What's coming

Writing

  • Blog
  • Tech Blog

Help

  • Help center
  • Contact
  • Forgot password

Legal

  • Privacy
  • Terms
  • Security
  • Your data
  • Delete account
  • Cookie settings

© 2026 MyPetVault

support@mypetvault.org