Privacy Policy for Petto

1. The short version

2. How Petto works (so you understand the data flows)

Petto turns two of your devices into a pet monitor:

• A Camera device is placed near your pet.
• An Owner device receives alerts and (with a subscription) live video and audio.

The two devices are linked using a one-time pairing code or QR code. Live video and audio travel directly between your two devices using an encrypted peer-to-peer connection (WebRTC, secured with DTLS-SRTP).

When a direct connection between your devices is not possible (due to certain mobile or office networks), the encrypted media is passed through a relay server so the connection can still work. The relay only forwards already-encrypted data packets — it cannot see, decode, or store your video or audio.

We use trusted infrastructure providers (including Google Firebase and a third-party connection-relay provider) to operate these connections. Their role is described in Section 6.

3. What information we collect

We collect only what is necessary to operate the App. We do not collect your name, email address, phone number, contacts, or precise location.

3.1 Anonymous device identifier

On first launch, the App generates a random, anonymous identifier (via Firebase Anonymous Authentication). This is not linked to your real-world identity and exists only so we can: securely link your paired devices, deliver alert notifications to the correct device, and apply your subscription entitlement.

3.2 Pairing and connection data

To connect your devices, we process temporary technical data: pairing tokens, device-presence ("online/offline") status, and the technical connection-setup messages (network candidates) that WebRTC needs. This data is short-lived and used only to establish connections between your devices.

3.3 Event metadata (not media)

When the App detects a bark, noise, or motion, it records metadata about the event — the type (bark/noise/motion), a timestamp, and a confidence indication. This is used to send you alerts and to show your activity log (a premium feature). We do not upload, store, or analyze the actual sound or video of these events on our servers. Sound is classified on your device; the raw audio never leaves it for this purpose.

3.4 Video clips (premium)

For premium users, the App may record a short (~10-second) clip when an event is detected. These clips are stored only on your camera device and transferred directly to your owner device when you request them. They are not uploaded to our servers and are automatically deleted from the camera device after a short period.

3.5 Push notification token

We process the Firebase Cloud Messaging (FCM) token of your device so we can deliver bark, motion, and camera-status alerts. This token does not identify you personally.

3.6 Subscription data

If you purchase a subscription, the purchase is processed by Google Play and managed through our payment infrastructure provider RevenueCat. We receive a record that an anonymous user has an active entitlement (and its status). We never receive or store your credit card or payment details — those are handled solely by Google Play.

3.7 Diagnostics, crash and usage data

To keep the App reliable, we use Firebase Crashlytics and Firebase Analytics to collect: crash reports and technical error logs; device model, operating-system version, and app version; anonymous, aggregated usage events (for example: "monitoring started", "live stream started", "paywall shown") to understand which features are used and to fix problems.

This data is aggregated and not used to identify you. We never collect the content of your pet's audio or video in analytics.

4. What we do NOT do

• We do not store your pet's live video or audio on our servers.
• We do not store video clips in the cloud.
• We do not sell, rent, or share your data with data brokers or advertisers.
• We do not display advertisements.
• We do not use third-party advertising or behavioral-tracking SDKs.
• We do not collect your name, email, contacts, photos, or precise location.

5. Service providers (sub-processors)

We rely on the following providers to operate Petto. Each processes data only as needed to provide their service:

Our service providers may process data in countries other than your own (for example, in the United States). Where required, such transfers rely on the appropriate safeguards offered by these providers.

6. Legal bases for processing (EU/UK users)

If you are in the EU/EEA or the UK, data-protection law (the GDPR / UK GDPR) requires us to have a legal basis for processing your data. We rely on the following:

• Performance of a contract (Art. 6(1)(b) GDPR): to provide the core monitoring, pairing, alert, and subscription functionality you request.
• Legitimate interests (Art. 6(1)(f) GDPR): to keep the App secure, reliable, and free of abuse, and to fix crashes and improve features through aggregated diagnostics. We balance these interests against your rights.
• Consent (Art. 6(1)(a) GDPR): where required by your device or local law (for example, certain analytics), we rely on your consent, which you can withdraw at any time in the App or device settings.

7. How long we keep data

• Event metadata: retained for up to 7 days, then deleted.
• Video clips: stored only on your camera device and auto-deleted there (typically within 48 hours).
• Connection/signaling data: transient; deleted shortly after a session ends.
• Anonymous account and pairing data: automatically purged approximately 30 days after your devices were last active (last heartbeat).
• Crash/diagnostic data: retained per Firebase's standard retention periods.

Uninstalling the App removes all locally stored data (including clips) from your devices.

8. Your rights

We respect your privacy rights wherever you live. If you are in the EU/EEA, the UK, or another region with similar data-protection laws, you have the right to:

• access the data we hold about you,
• request correction of inaccurate data,
• request erasure of your data,
• restrict or object to certain processing,
• request data portability,
• withdraw consent at any time, and
• lodge a complaint with a supervisory authority.

Because Petto is anonymous, we may not be able to identify your specific data without additional information from you (such as your in-app device/pair identifier, available in the App's settings or diagnostics). For most requests, you can exercise these rights directly: uninstalling the App and unpairing your devices deletes your data, and our automatic purge removes server-side records after inactivity.

To make a request, contact us at labskiro@gmail.com.

If you are in the EU/EEA and believe your data has been handled improperly, you have the right to lodge a complaint with your local data protection supervisory authority.

9. Security

We protect your data using industry-standard measures:

• End-to-end encryption (DTLS-SRTP) of all live video and audio between your devices. Media is never decryptable by us or our relay providers.
• Encrypted transport (TLS) for all signaling and metadata.
• Access-controlled data: connection, event, and command data are accessible only to your own paired devices, enforced by server-side security rules.
• Short-lived credentials for the relay service, issued only to entitled devices.
• No collection of payment details by us.

No method of transmission or storage is 100% secure, but we work to protect your information using appropriate safeguards.

10. Children's privacy

Petto is a pet-monitoring tool intended for adults (18+). It is not directed at children and we do not knowingly collect personal data from children. Petto must only be used to monitor your own pets in your own home and must never be used to monitor people without their knowledge and consent.

11. Permissions we request and why

• Camera: to stream and record video of your pet on the camera device. Used only while you are monitoring.
• Microphone: to detect barks/noise and to enable live audio and two-way talk. Audio for detection is processed on-device.
• Notifications: to deliver bark, motion, and camera-status alerts.
• Run in background / foreground service: so monitoring continues reliably while the screen is off.
• Battery optimization exemption (optional): so the camera device is not stopped by the system during monitoring.

You can manage or revoke these permissions at any time in your device settings. Revoking Camera or Microphone will stop monitoring.

12. International users

Petto is available in multiple countries. Regardless of where you are located, we apply the privacy protections described here. By using the App, you understand your data may be processed by our service providers as described in Section 6.

13. Changes to this Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you within the App. Continued use of Petto after changes take effect constitutes acceptance of the updated Policy.

14. Contact us

If you have any questions about this Privacy Policy or your data, contact us at:

KiroLabs
Email: labskiro@gmail.com
Website: https://kirolabs.io