How We Protect Your Pet's Data: Security, Privacy & Resilience
When you add your dog or cat to FoundYa, you're not just saving a cute photo-you're trusting us with contact details, vet notes, and sometimes your home suburb when a tag is scanned. That's a big deal. The same tap that opens your pet's profile (why we use NFC) should feel safe-not mysterious. You shouldn't need a computer science degree to understand what happens next.
This post explains-in everyday language-how we keep that information secure, respect your privacy, avoid losing data when things go wrong, and why we choose software partners who publish independent security reports like SOC 2.
Security: locking the doors without locking you out
"Security" in an app usually means a few practical things:
- Encrypted connections - When you use FoundYa in a browser or on your phone, data travels over HTTPS-the same kind of protected connection your bank uses for online banking. That makes it much harder for someone to snoop on the wire between your device and our servers.
- Account protection - You sign in with a proper identity provider, not a sticky note on a fridge. Strong authentication helps stop strangers from wandering into your dashboard and changing your pet's profile.
- Least access - Inside our team, access to production systems is limited to what's needed to run and improve the product-not "everyone can export everything."
No online service can honestly promise "100% unhackable." What we can promise is that we take administrative, technical, and organisational measures seriously-the same categories called out in our Privacy Policy-and we encourage strong passwords and sensible sharing of what appears on your pet's public profile.
Think of security like a good collar: it needs to hold under stress, but it shouldn't choke the dog. We aim for strong protection without making the product painful to use.
Privacy: you decide what's visible-and when
Privacy isn't the same as secrecy. For a lost pet, some information has to reach a finder-or the tag wouldn't help. The trick is you stay in control of how much, and lost mode can widen the net without dumping your life story onto the internet.
That lines up with how we think about the product day to day:
- Private by default - Your pet's data isn't a billboard. You choose what appears on the scan page and what stays in your household.
- Lost mode with intent - When you activate lost mode, you're deliberately asking for more attention from Sentinels and finders-not an accidental overshare.
- No selling your profile - We're upfront about how we make money; we're not building a data brokerage on the side. See how FoundYa keeps the lights on for the straight story.
If you ever want to leave, we have a clear path for account and data deletion-because privacy includes being able to walk away.
Resilience: so one bad day doesn't erase your pet's profile
Resilience is a fancy word for "when something breaks, we don't lose everything." Servers can fail. Networks can hiccup. Humans mis-click. A well-run service plans for that.
For FoundYa, resilience shows up as habits like:
- Durable storage - Your pet's profile and media live in systems designed for redundancy, not on a single laptop under someone's desk.
- Careful changes - We ship updates in a way that reduces the chance of wiping or corrupting live data.
- Recovery mindset - If something goes wrong, we focus on restoring service and protecting data-not pretending outages don't happen.
The goal is simple: your pet's record shouldn't vanish because one piece of infrastructure had a bad afternoon. That's the same instinct as keeping a paper copy of your vet vaccination sheet-except we're doing it with modern cloud infrastructure.
Why SOC 2 (and similar) partners matter
SOC 2 (Service Organisation Control 2) is an independent audit framework-mostly used in the United States-that checks whether a company handles customer data in line with strict criteria: security, availability, processing integrity, confidentiality, and privacy. You don't need to memorise that. What matters is:
- A third party reviews how the vendor operates, not just their marketing page.
- Reports are periodic-not a one-off promise from 2019.
- You can trust the plumbing-payments, hosting, email, push notifications-without becoming an expert in each tool.
We don't run every line of software ourselves. Like almost every serious app, we rely on specialised partners for things like payments, database hosting, and messaging. We choose providers who publish SOC 2 or comparable security programmes for their services, so we're not stacking our house of cards on tools that treat security as an afterthought.
SOC 2 describes our vendors' controls for their services. It doesn't automatically "certify" FoundYa as a whole-but it means we're building on platforms that undergo real scrutiny, which is exactly what we'd want as pet owners ourselves.
What we'd tell a mate at the dog park
If someone asked over coffee: "Is my stuff safe?" - we'd say we use modern security practices, you control what's shared publicly, we design for uptime and recovery, and we buy services from partners who take compliance seriously-including SOC 2 where available.
If they asked "Can you guarantee nothing bad will ever happen?" - we'd be honest: no one can. What we can do is stack the odds in your favour with sensible architecture, clear privacy rules, and partners who've earned external trust.
For the full legal detail, our Privacy Policy and Terms of Service are always the reference. For how the product fits into your life, start with introducing FoundYa or learn how lost mode works when you need extra reach.
Questions? Get in touch-we're happy to talk it through without the jargon.
