Legal
Privacy Policy
Last updated: 6 July 2026
How TailTrack handles personal information when we provide software for UK pet-care businesses.
Who We Are
TailTrack helps dog walkers, pet sitters and other pet-care businesses manage booking requests, clients, pets, Pet Passport information, schedules, communications and payments.
TailTrack is operated by TailTrack, a UK-based service for UK pet-care businesses.
- Privacy email
- hello@tailtrack.co.uk
- General contact email
- hello@tailtrack.co.uk
- Data protection contact
- TailTrack has not appointed a separate Data Protection Officer. Privacy enquiries should be sent to hello@tailtrack.co.uk.
In this policy, "TailTrack", "we", "us" and "our" mean TailTrack.
TailTrack's Role
TailTrack has different data protection roles depending on the situation.
- Controller
- We decide why and how personal information is used for business owner accounts, TailTrack subscription billing, TailTrack marketing enquiries, direct TailTrack emails, product analytics, security logs, fraud prevention, platform improvement, website visitors, and our own legal, tax, accounting and business administration.
- Processor
- For client, pet-owner, pet, booking, Pet Passport, care-note and customer operational records submitted by a pet-care business, TailTrack normally processes information on that business's instructions.
If you are a pet owner or client of a dog walker or pet sitter using TailTrack, you should normally contact that business first about your personal information. We can help route requests where appropriate.
Payments
TailTrack uses payment providers for payment processing, subscription billing, connected accounts, checkout, refunds and disputes where payments are enabled.
TailTrack does not store raw card numbers or full card details. Payment providers handle card payment method details.
Payment providers may act as our processor for some payment processing activities and as an independent controller for other activities, such as fraud prevention, security, regulatory compliance, anti-money laundering checks, identity verification, payment network requirements and their own service administration. Their own privacy information applies to their controller processing.
Personal Information We Collect
| Category | Examples |
|---|---|
| Business owner and account data | Name, email address, phone number, password hash, email verification status, account role, login details, authentication data, Google OAuth sign-in data where used, and terms acceptance timestamp. |
| Business profile and tenant settings | Business name, business type, TailTrack tenant slug, branding, logo, brand colours, contact email, contact phone, social links, service area, working days, services, booking settings and request form questions. |
| Subscription and billing data | Plan, trial dates, billing status, payment provider identifiers, invoices, payment status and related billing records. |
| Marketing and enquiry data | Name, business name, email address, phone number, business type, referral source, referral details, free-text notes or context, contact permission and marketing consent timestamp. |
| Client and pet-owner data | Name, email address, phone number, household or postal address, non-confidential household notes, contact preferences and information submitted through booking forms or client portals. |
| Pet data | Pet name, species, breed, age, size, pet photos, upload details needed to manage file and Pet Passport status. |
| Pet Passport and care information | Custom question answers, pet health and behaviour information about animals, vet details, permissions, service logistics and free-text care notes. TailTrack is not intended for home access instructions, key-safe or lockbox codes, alarm codes, emergency contact details, household vulnerability notes or similar confidential safety or security information. |
| Booking and operational data | Booking requests, request status, source, requested dates and times, preferred days and time windows, notes, slots or rounds, capacity, assignments, waitlists, meet-and-greet proposals and outcomes, activity history, owner notes and internal logs. |
| Notification data | Recipient email address, notification type, delivery status, errors and delivery metadata. |
| Payment request data | Amount, currency, description, due date, paid or refunded amounts, payment method, payment provider identifiers and status data, checkout links, manual payment notes, refund notes, dispute or refund records and bank transfer instructions configured by the pet-care business. |
| Analytics and log data | Page views, business account context, plan, feature usage, onboarding milestones, payment setup status, product events, technical error details, operational metadata and security logs. We aim to avoid logging sensitive free text. |
| Cookie and device data | Session cookies, security tokens, cookie consent preferences, cookie consent audit records where used, sidebar preference, theme preference, analytics consent state, user or account identifier linked to logged-in consent audit records where used, browser or device information and similar technical data. |
Special And Sensitive Information
Pet health information about an animal is not automatically special category personal data under UK data protection law.
TailTrack is not intended to hold confidential access, safety or security details about people, homes or emergencies. Do not enter or request home access instructions, key-safe or lockbox codes, alarm codes, emergency contact details, household vulnerability notes, passwords, access tokens, raw card details or similar confidential information.
Because TailTrack includes configurable questions and free-text fields, users could still enter sensitive information by mistake or against our instructions. Where that happens, we may process it as Customer Data only to provide, secure, support or delete it.
Pet-care businesses using TailTrack must:
- collect only what they need for booking and pet-care purposes;
- not use TailTrack to ask for or store prohibited confidential access, security or emergency details;
- avoid entering human special category data unless it is necessary and lawful;
- have an appropriate lawful basis and, where needed, an Article 9 condition;
- delete or replace prohibited details entered by mistake where TailTrack controls allow, or contact us for help.
How We Use Information
| Purpose | Examples | Lawful basis |
|---|---|---|
| Provide and administer TailTrack accounts | Account creation, login, email verification, password resets, user roles, business settings and support. | Contract; legitimate interests. |
| Provide the TailTrack service | Hosting the platform, enabling booking pages, client management, scheduling, payment requests, notifications and operational features. | Contract; legitimate interests. |
| Subscription billing and account management | Trials, subscriptions, upgrades, cancellations, invoices, payment status, failed payment handling and tax records. | Contract; legal obligation; legitimate interests. |
| Payment facilitation | Payment provider checkout, payment records, refunds, disputes and connected account activity. | Contract; legal obligation; legitimate interests. |
| Security and fraud prevention | Sign-in, request security checks, access control, abuse monitoring, audit logs, error investigation and platform protection. | Legitimate interests; legal obligation. |
| Customer support and service communications | Responding to support requests, operational emails, product notices, security alerts and account messages. | Contract; legitimate interests. |
| Product analytics and improvement | Understanding feature usage, onboarding, performance, reliability and product issues. | Legitimate interests for privacy-preserving operational analytics; consent where required for browser cookies, storage or optional browser analytics tools. |
| Marketing enquiries and TailTrack communications | Responding to enquiries, sending requested information, recording contact permissions and, where enabled, sending marketing emails. | Consent; legitimate interests; soft opt-in where available and lawful. |
| Legal and compliance | Records, disputes, enforcement of terms, legal claims, regulatory obligations, tax, accounting and complaints handling. | Legal obligation; legitimate interests. |
| Business administration | Internal reporting, finance, governance, insurance and professional advice. | Legitimate interests; legal obligation. |
When We Act As Processor
For client, pet, booking, Pet Passport, care-note, payment request and client communication information entered by a pet-care business, TailTrack normally processes information on that business's instructions.
In that situation, the pet-care business is responsible for:
- deciding what information to collect;
- identifying the lawful basis for processing;
- providing its own privacy notice to clients and pet owners;
- making sure it has permission to enter information into TailTrack;
- responding to data protection rights requests;
- deciding how long to keep client, pet, booking and care records;
- keeping information accurate;
- ensuring staff and contractors use TailTrack appropriately;
- complying with pet-care, consumer, insurance, employment and other legal obligations.
TailTrack provides a software platform. TailTrack does not provide dog walking, pet sitting, veterinary, animal-care, home-access, key-holding or emergency services.
Public Booking Pages And Client Portals
A pet-care business may use TailTrack to create a branded public booking request page and client portal.
When you submit information through one of those pages, you are usually submitting it to the pet-care business. TailTrack hosts the page and processes the information for that business.
The pet-care business should provide you with its own privacy notice. If it has not done so, please ask the business directly.
Google Maps, Places And OAuth
TailTrack may use Google Maps Platform and Google Places features for address suggestions, address validation, map views, place IDs, latitude, longitude and formatted address data.
When those features are used, address information, place information and technical information may be processed by Google. Google may process some information under its own terms and privacy information.
TailTrack may also support Google OAuth or Google Sign-In. If you use Google sign-in, Google may share account information such as your email address, name and profile image where provided, and Google's own privacy information applies to your Google account processing.
Analytics, Error Tracking And Session Recording
TailTrack may use privacy-conscious analytics to understand how the platform is used and to improve reliability, onboarding and product features. Browser analytics tools that use optional cookies or browser storage load only after analytics consent. Where TailTrack runs on different subdomains, we use a first-party consent cookie so the same choice can apply across TailTrack surfaces. Operational analytics, logs and security events may still be processed under legitimate interests to provide, secure and improve the Service.
Where TailTrack uses product analytics, error tracking or session analysis tools, they must be configured with TailTrack's privacy safeguards. Because TailTrack can contain addresses, care notes, payment information and prohibited confidential details if users enter them against our instructions, session recording must be treated as high risk.
TailTrack's policy is that:
- session recording must only run after analytics consent;
- sensitive inputs, selected rendered values and high-risk panels must be masked or blocked;
- technical data that could contain sensitive information must be scrubbed or not captured;
- sensitive analytics fields such as address, health, email, phone, notes, password, security, vet and access details should be filtered, pseudonymised or dropped where possible;
- analytics should not be used to profile pet owners for advertising.
International Transfers
Some of our providers may process personal information outside the United Kingdom, including in the EEA, United States or other countries.
Where required, we use appropriate safeguards such as UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU Standard Contractual Clauses, EU Standard Contractual Clauses where relevant, recognised data transfer frameworks where applicable, and contractual and technical measures designed to protect information.
How Long We Keep Personal Information
We keep personal information only for as long as necessary for the purposes described in this policy, unless a longer period is required for legal, accounting, tax, security or dispute reasons.
| Information | Retention |
|---|---|
| TailTrack business account data | For the life of the account, then as long as needed for legal, tax, accounting, security or dispute reasons. Operational account data is normally removed or anonymised when no longer needed. |
| Subscription, invoice and billing records | Usually 6 years for tax, accounting and legal record purposes. |
| Marketing enquiries | Usually up to 24 months from last meaningful contact, unless you become a customer or ask us to delete the information earlier. |
| Marketing consent and suppression records | For as long as needed to honour preferences and demonstrate compliance. |
| Support communications | Usually up to 24 months, unless needed for an active issue, legal claim, security matter or business record. |
| Security logs | Usually up to 180 days, unless needed for investigation, fraud prevention or legal reasons. |
| Analytics data | Usually up to 24 months, preferably aggregated or minimised where possible. |
| Session recordings, if ever enabled | Usually up to 30 days, unless needed to investigate a specific issue and lawfully retained. |
| Pet-care business client, pet, booking and Pet Passport data | As instructed by the pet-care business during the subscription. After account closure, handled under TailTrack's deletion and export process. |
| Backups | Handled under TailTrack's backup lifecycle and deletion processes unless legally preserved. |
| Cookies and browser storage | See our Cookies Policy. |
Security
We use technical and organisational measures designed to protect personal information, including:
- HTTPS/TLS in transit;
- password hashing;
- email verification and password reset flows;
- session and request security controls;
- tenant separation;
- role-based access controls where available;
- secure file handling where relevant;
- production backups;
- controlled access to administrative systems;
- logging and monitoring;
- sanitisation of sensitive analytics and log fields where possible;
- vendor due diligence;
- incident response processes.
No online service can be guaranteed to be completely secure. Users must keep account credentials safe, use strong passwords and tell us promptly if they suspect unauthorised access.
Your Rights
Depending on the circumstances, you may have the right to:
- access personal information;
- correct inaccurate information;
- ask for deletion;
- restrict processing;
- object to processing;
- receive a copy of information in a portable format;
- withdraw consent where we rely on consent;
- complain about how information is handled.
These rights are subject to conditions and exemptions under data protection law.
If your request relates to information held in a pet-care business's TailTrack account, we may need to direct you to that business or consult it before responding because the business is usually the controller of that information.
Privacy Requests And Complaints
To make a privacy request, contact hello@tailtrack.co.uk. We may need information to confirm your identity and understand the request. We will respond without undue delay and within the period required by law.
Children
TailTrack is not intended for account registration by anyone under 18.
Pet-care businesses should not allow children to create TailTrack accounts. If information about children is entered into free-text notes, the business must ensure it is necessary, lawful, minimised and appropriately protected.
Changes To This Policy
We may update this Privacy Policy from time to time. We will update the last updated date and, where appropriate, notify users of material changes.