Privacy Policy for OmniaVet

Privacy Policy for OmniaVet

Last Updated: May 30, 2026

Developer Entity: Serrapps (“we”, “us”, “our”, or “Data Controller”)

Contact Email: appsupport@bertrandserra.fr

1. Introduction & Core Philosophy (Privacy by Design)

This Privacy Policy establishes the legal and technical framework governing the processing of data within the OmniaVet mobile application (hereinafter referred to as the “Application”), developed and published by Serrapps.

We operate on a strict Privacy by Design and by Default architectural model. We recognize that pet medical profiles, lifestyle routines, and telemetry data are highly personal. Consequently:

  • Your data and your animals’ data belong exclusively to you.

  • We do not maintain centralized application servers to harvest, aggregate, profile, or analyze user databases.

  • No personal data, telemetry, or metadata processed by this Application is ever rented, shared, or sold to third-party data brokers, advertising networks, or corporate entities.

2. Granular Data Processing & Technical Implementation

The Application processes user-generated and device-level inputs to deliver its features. This processing is split into three execution environments: Local Isolated Storage, Secure Sandbox Cloud Synchronization, and Ephemeral On-Device Computation.

2.1 Pet Health, Biological & Profile Data (User-Entered Inputs)

To compile the digital health record of your animals, the Application processes the following manually entered datasets:

  • Identity Schemas: Name, biological sex, species, breed registries, date of birth, pedigree status (e.g., LOF), and unique identification markers (ISO 11784/11785 compliant microchip transponder IDs, tattoo codes).

  • Dynamic Health Metrics: Local chronological logs tracking body weight (grams/kilograms), height/wither measurements (centimeters), serialization dates, medical conditions, surgical histories, and acute or chronic vaccination schedules.

  • Reproductive Cycles: Highly sensitive tracking records for biological cycles, including female heat periods (périodes de chaleurs) and equivalent species-specific reproductive events.

  • Media and Binary Assets: Local filesystem paths pointing to user-uploaded profile pictures and scanned PDF/image administrative documents.

Execution Context: This data is written directly to an isolated SQLite internal application database (via the Android Room Persistence Library). It is used exclusively to execute local client-side logic, such as rendering vector-based growth curves, computing species-specific human age equivalents, and adjusting localized food ration requirements.

2.2 Geolocation & Telemetry Data (GPS & Location APIs)

The Application requests explicit runtime system permissions for fine and coarse location services (ACCESS_FINE_LOCATION and ACCESS_COARSE_LOCATION). This processing is limited strictly to two distinct functional workflows:

A. “Activity & Walk” Tracking (Background Location Access)

When you manually initiate an outdoor tracking session (e.g., Dog Walking, Agility training), the Application invokes location services—including background polling if the device screen is locked or the app is minimized—to calculate distance metrics.

  • Data Minimization & Aggregation: Raw spatial coordinates ($Latitude, Longitude$) and GPS timestamps are parsed transiently in volatile memory (RAM) to accumulate real-time linear mathematical distance calculations. Only the finalized, aggregated quantitative values (Total Distance covered in meters, Duration in seconds) are committed to the local SQL persistence layer. The physical route path map is never cached, tracked, or sent to external servers.

B. Emergency Veterinary Locator (Foreground Location Access)

When accessing map or emergency search tools, the Application checks your current foreground coordinates to find nearby veterinary points of interest (POI).

  • Platform Dependencies: Spatial queries are handed off directly to native device map SDKs (such as the Google Maps SDK / Google Play Services Location API). This search payload is processed ephemerally by the platform provider’s infrastructure. It is never transmitted to, inspected by, or stored on Serrapps infrastructure.

2.3 Local Intelligent Inventory Management (The Pantry / Garde-Manger)

To automate dietary supply lines, the Application processes inventory records:

  • Input Scope: Food classification parameters (Kibble, Wet Food, Treats), brand names, packaging weights, expiration timelines, and commercial batch numbers (Numéro de lot).

  • Automated Deductions: The database executes internal transaction triggers that automatically deduct specific portion sizes from the active Pantry stock whenever a user confirms a meal or utilizes the calorie calculator.

  • Alert Automation: Local background workers check remaining volumes against user-defined safety margins (25%, 20%, 15%, 10%, 5%) and expiration flags to issue local notification alerts. If a stock reaches zero units before an expiration date triggers, the respective notification alarm is cleanly un-registered and permanently deleted from the OS schedule queues.

2.4 Device Hardware Access: Camera, Gallery & Storage

The Application hooks into system intent sheets to manage physical assets:

  • Camera & Media Pickers: Invoked exclusively to assign visual identities to pet profiles and feed the document scanning module.

  • Processing Isolation: File streams remain strictly bounded inside the Application’s private internal storage partition (/data/data/com.serrapps.omniavet/).

2.5 On-Device Document OCR & Artificial Intelligence (AI)

To minimize data footprint and maximize user confidentiality, all automation and triage utilities operate under a 100% Local Execution constraint:

  • AI Vaccine & Prescription Scanner: Optical Character Recognition (OCR) and document parsing are performed natively on-device via the Google ML Kit Text Recognition API. When a user scans an invoice or vet prescription, text blocks are compiled and structurally filtered in memory using local regular expressions (Regex) to extract medication names, posologies, and booster dates. This structured data is pre-populated into the local UI form.

  • Gemini Nano Symptom Assistant: Conversational triage and pre-diagnostic support run completely offline via the Android AICore platform leveraging the device’s local system chip (NPU/CPU).

  • Absolute Air-Gap Guarantee: No text snippets, raw document images, conversational tokens, or extracted strings are sent to any remote server or cloud infrastructure for processing. The entire machine learning inference pipeline is execute-only, local, non-idempotent, and entirely private.

2.6 System Scheduling, Notifications & The Memorial Safeguard

The app interfaces with low-level device scheduling managers to execute routines:

  • Task Schedules: Routine schedules (feeding windows, medication timers, vet check-ups) are written directly to the device’s local operating system alert systems (AlarmManager and WorkManager APIs).

  • Calendar Bridges: Sync features utilize write-only access tokens to append veterinary events into the native device calendar. No external calendar harvesting occurs.

  • The Memorial Space & Safety Purge: When a user declares a pet’s passing via the profile settings, the Application executes a destructive lifecycle workflow: the pet’s record state flags are changed, isolating it exclusively inside the local Memorial UI module. Simultaneously, the Application calls the OS scheduling kernel to forcefully clear, un-register, and delete all past, present, and future recurring system notification alarms tied to that specific pet’s ID. This hard restriction guarantees that no automated or smart notifications ever fire for a deceased animal.

2.7 Peer-to-Peer “Pet-Sitter Sync” Architecture

Data portability between pet owners and temporary caretakers runs via a serverless, peer-to-peer (P2P) protocol:

  • Export configurations and caretaker report data are securely serialized, compressed using standard GZIP encoding, and packed into a high-density matrix barcode (QR Code).

  • Transmission of data happens exclusively screen-to-camera, peer-to-peer. At no stage does this care handover cycle communicate with, route through, or authenticate against any cloud proxy, network gateway, or remote server.

3. Storage, Cloud Backup Protocols & Technical Security

3.1 Local Persistence Layer (Free Tier)

All database transactions are committed to an isolated SQL structure managed through a secure Android sandboxed file wrapper. Data remains bound to the physical hardware. Cleanses of system app data or physical damage to un-synced storage media will result in permanent, irrevocable data loss.

3.2 True Google Drive Infrastructure Sync (Premium Tier)

For active subscribers of our Premium tier, the Application incorporates automated cloud serialization. We do not use simulated endpoints or intermediate server relays:

  • API Framework: Cloud routing is built strictly on top of the Google Drive REST API (v3) coupled with Google Identity Services.

  • Isolated Application Directory: Backups are written directly and exclusively into your personal Google Drive account’s hidden application data folder (appDataFolder). This secure folder partition is accessible only by the OmniaVet application client token; users cannot accidentally view, alter, or delete this backup database file from their standard Google Drive file manager UI.

  • Data Integrity & Merging: Database updates deploy cryptographic timestamp verifications to securely handle structural delta merges and avoid database key collisions during multi-device synchronization events.

3.3 Hardware-Level Encryption Standards

Data at rest on the device benefits entirely from file-based hardware encryption systems (FBE) natively configured on the host operating system (employing military-grade Advanced Encryption Standard – AES 256-bit keys). No experimental, proprietary, or custom cryptographic algorithms are implemented by Serrapps.

4. Absolute Exclusion of Third-Party Monetization & Trackers

We enforce a strict zero-tolerance architecture regarding user surveillance:

  • No Third-Party Analytics: We do not embed behavioral tracking SDKs (such as Firebase Analytics, Google Analytics, Mixpanel, or Facebook SDK).

  • No Programmatic Advertising: The Application source code contains zero lines of code linked to real-time bidding advertisement networks, software advertisement SDKs (such as Google AdMob or Unity Ads), or tracking pixels.

  • Core Dependencies Only: The app interacts only with core platform service components necessary to execute secure ecosystem tasks: Google Play Billing (payment handling), Google Play Integrity API (application tamper and fraud mitigation), and Google Play Services (mapping data and local machine learning models).

5. Monetization, Subscriptions & Financial Disclaimers

All premium checkout workflows, subscription renewals, and billing lifecycle transactions (€3.99/monthly or €39.99/annually) are managed end-to-end by the Google Play Billing API.

  • Serrapps has zero visibility over, and never receives, logs, or processes credit card details, physical addresses, bank routing configurations, or legal identities.

  • The billing provider safely returns an anonymous, encrypted purchase token to our client code, which serves exclusively to activate access rights to the premium software features.

6. Global Regulatory Compliance & User Sovereignty (GDPR / CCPA)

In absolute alignment with the General Data Protection Regulation (GDPR – EU 2016/679) and the California Consumer Privacy Act (CCPA), we guarantee full regulatory compliance and user data sovereignty:

  • Right to Access & Portability: All digital medical passports, weights, and routine metrics are completely transparent and readable via the local application interface.

  • Right to Absolute Erasure: You can trigger a permanent data wipe via the Settings menu at any time. Tapping the destructive delete confirmation issues immediate command execution that permanently drops all local SQL rows, deletes cached image directories from the app sandbox, and executes an authorized delete request to purge the backup archive from your private Google Drive app folder. This process is immediate and completely irreversible.

7. Changes and Revisions to This Policy

We reserve the right to revise this Privacy Policy to ensure compliance with updated operating system requirements, security protocols, or changes in international data protection laws. Any modifications will be flagged inside the application setup menu and noted by updating the “Last Updated” date located at the header of this legal document.

8. Legal & Technical Contact

For formal compliance evaluations, technical data management clarifications, or general privacy inquiries, please contact our Data Controller directly at: appsupport@bertrandserra.fr