PetBorder
Last updated: 22 March 2026

Privacy Policy

This Privacy Policy explains how PetBorder ("we", "us", "our") collects, uses, stores, and protects your personal information when you use petborder.com. By using PetBorder, you agree to the practices described in this policy.

1. Who we are

PetBorder is an online pet travel compliance planning service operated from Australia. We help pet owners navigate Australian Department of Agriculture, Fisheries and Forestry (DAFF) requirements for importing and exporting pets.

For privacy enquiries, contact us at privacy@petborder.com.

2. What information we collect

Information you provide directly

  • Account information: email address, name (when you sign up or use Google OAuth)
  • Pet details: pet type (dog or cat), breed, origin country, intended travel date — used to generate your compliance timeline
  • Contact information: name and message when you use our contact form
  • Payment information: processed directly by Stripe — we never see or store your card number

Information collected automatically

  • Usage data: pages visited, features used, timeline generation events
  • Technical data: IP address (used for rate limiting), browser type, device type
  • Cookies: authentication session cookies (Supabase), preference cookies — see Section 7

Information we do not collect

  • We do not collect microchip numbers, passport numbers, or veterinary records
  • We do not collect payment card numbers (Stripe handles this)
  • We do not collect sensitive personal data such as health information about you (only about your pet)

3. How we use your information

PurposeData usedLegal basis
Generate your pet compliance timelinePet details, origin country, travel dateContract performance
Save and display your timelinesAccount info, pet details, generated timelineContract performance
Process paymentsEmail (passed to Stripe)Contract performance
Send DAFF deadline reminder emailsEmail, timeline dataLegitimate interest / consent
Rate limit the timeline generatorIP addressLegitimate interest
Respond to support requestsName, email, messageLegitimate interest
Improve the serviceAnonymised usage dataLegitimate interest
Comply with legal obligationsAs requiredLegal obligation

4. Third-party services we use

We use the following third-party services to operate PetBorder. Each has its own privacy policy:

Supabase

Authentication, database storage (your account data, saved timelines, progress)

Data location: USA (AWS)

Privacy policy ↗

Stripe

Payment processing for document pack purchases and subscriptions

Data location: USA

Privacy policy ↗

Anthropic (Claude API)

AI generation of compliance timeline step descriptions — pet details are sent to the API

Data location: USA

Privacy policy ↗

Resend

Transactional email (deadline reminders, purchase confirmations)

Data location: USA

Privacy policy ↗

Vercel

Web hosting and deployment infrastructure

Data location: USA (global edge)

Privacy policy ↗

We do not sell your personal information to any third party. We do not use your data for advertising.

5. Data retention

  • Account data: retained while your account is active. Deleted within 30 days of account deletion request.
  • Generated timelines: retained until you delete them, or for 2 years after your last login if your account becomes inactive.
  • Payment records: retained for 7 years to comply with Australian tax law.
  • Contact form messages: retained for 12 months then deleted.
  • IP addresses (rate limiting): retained for 24 hours only.
  • Usage analytics: retained in anonymised form for up to 3 years.

6. Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: request a copy of the data we hold about you
  • Correction: update inaccurate or incomplete data
  • Deletion: request deletion of your account and associated data
  • Portability: receive your timeline data in a machine-readable format
  • Objection: object to processing based on legitimate interest
  • Withdraw consent: unsubscribe from reminder emails at any time via the unsubscribe link in emails

To exercise any of these rights, email us at privacy@petborder.com. We will respond within 30 days.

7. Cookies

We use the following cookies:

CookiePurposeType
sb-auth-tokenAuthentication session — keeps you logged inEssential
sb-refresh-tokenRefreshes your authentication session automaticallyEssential

We use only essential cookies required for the service to function. We do not use advertising or tracking cookies.

8. Data security

  • All data is transmitted over HTTPS (TLS encryption)
  • Database access is protected by Supabase Row Level Security (RLS) — users can only access their own data
  • Passwords are hashed and never stored in plain text
  • API keys are hashed with bcrypt before storage
  • Payment card data is never transmitted to or stored on PetBorder servers

While we apply industry-standard security measures, no system is completely secure. In the event of a data breach that affects your personal data, we will notify you as required by applicable law.

9. International data transfers

Our service providers (Supabase, Stripe, Anthropic, Resend, Vercel) are based in the USA and process data there. By using PetBorder, you consent to your data being transferred to and processed in the USA. We rely on Standard Contractual Clauses and Privacy Shield-equivalent mechanisms where applicable for transfers from the UK and EU.

10. Australian Privacy Act

PetBorder complies with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). If you are an Australian resident and believe we have breached the APPs, you may contact us at privacy@petborder.com or lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

11. UK and EU users (GDPR / UK GDPR)

If you are located in the UK or European Economic Area, you have additional rights under GDPR / UK GDPR. Our legal basis for processing your data is set out in Section 3 above. You have the right to lodge a complaint with your local supervisory authority.

For UK residents: Information Commissioner's Office (ICO) at ico.org.uk.

12. Children's privacy

PetBorder is not directed at children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email or via a notice on the website. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of PetBorder after changes are posted constitutes acceptance of the updated policy.

14. Contact us

For any privacy-related questions or to exercise your rights, please contact us at privacy@petborder.com or via our contact form.

Terms of UseAbout PetBorderContact