Data Protection &
Fail-Closed Privacy.
We are building a "Truth Layer" for pet identity, not a marketing database. Our systems are designed to protect users from predation while enabling rapid emergency response.
The "Fail-Closed" Doctrine
Our platform operates on a "Fail-Closed" permissions model. This means that if `SYSTEM_STATUS` is ambiguous or consent is unclear, data is never shared. We protect the privacy of the Finder and the Owner above all else to prevent extortion and harassment.
No Commercial Surveillance
Pet911 explicitly replaces "rent-seeking" registries. We do not sell your data, we do not scrape social media, and we do not use "panic" to upsell services. We are an operational utility for emergency coordination.
Who Sees What? (Access Control Matrix)
| Data Entity | Public User | Finder/Owner | Verified Moderator |
|---|---|---|---|
| Contact Info (Phone/Email) | NEVER | Own Only | Audit-Logged Access* |
| Exact Location (Home) | REDACTED | Own Only | Authorized |
| Approximate Area | Visible | Visible | Visible |
| Pet Medical Data | NEVER | Own Only | Audit-Logged Access |
| Match Suggestions | NEVER | If Confirmed | Visible |
* Moderators must explicitly log a reason for accessing contact information. This action generates an immutable audit log entry.
The "Contact Gate" Protocol
INVARIANT: CONTACT_GATEDTo prevent scams and extortion, we never automatically release finder or owner contact information.
Retention Schedules
We only keep data as long as it is operationally useful.
- Active CasesIndefinite
- Reunited Cases90 Days
- Audit Logs365 Days
- Unverified Sightings30 Days
Your Rights (GDPR+)
You own your data. We are just the custodians.
Full Export
Download a JSON package of every data point we hold on you.
Right to Forget
One-click account deletion. (Pending cases must be closed first).
AI Transparency & Ethics
Our AI is an advisor, not a judge. It clusters sightings and suggests matches, but it cannot make medical diagnoses or legal determinations.