Privacy policy

This policy applies to veterinary clinic accounts, authorized team members and individuals whose data may be entered in Cabivet by a clinic using the service. For any question about data, contact hello@cabivet.com.

Data processing is governed by applicable data protection laws in the jurisdictions where the clinic operates and by Cabivet's own commitments.

• Cabivet processes the data needed to provide, secure, bill and improve the service.
• The clinic using the service remains responsible for the data it collects, enters and uses in the context of its relationships with clients, employees and partners.
• The clinic must have a legal basis, authorization or valid consent when entering personal data into Cabivet.
• Cabivet does not sell, rent or commercialize personal data for advertising purposes.

The categories below may vary depending on the features activated, the fields filled in by the clinic and the payment methods used.

• Account: name, email, hashed password (never in plain text).
• Clinic: clinic name, city, logo, phone numbers, hours. Entered by you during onboarding and editable at any time in the settings.
• Business data: owners, animals, consultations, prescriptions, vaccines, invoices, payments, stock movements. You own it, we are its technical custodians.
• Payment data: processed by specialized payment providers. Cabivet keeps the information needed for billing and subscription status, never card numbers in plain text.
• Technical data: anonymized access logs, aggregated usage statistics, encrypted session identifier. No advertising pixel, no resale.
• Communications: support requests, service emails, notifications, security messages and exchange history with Cabivet.
• Documents: files, images, PDFs, exports or attachments added or generated by the clinic as part of the service.

• Provide the service: display your records, generate PDFs, send emails.
• Issue your subscription invoices and process payments.
• Contact you for support, service updates, incidents.
• Detect and prevent abuse (suspicious sign-in attempts, scraping, payment fraud).
• Improve the product from aggregated, anonymized data. No identifiable patient data is used for product analysis.
• Produce aggregated reports, usage statistics, technical diagnostics and performance metrics.
• Respond to legal requests, competent authorities, accounting, tax or security obligations.

Client data is hosted on servers located in Germany (European Union). By using Cabivet, you acknowledge that data may be transferred and processed outside your country for storage, operation and security purposes.

For security and operational reasons, we do not disclose the identity of our hosting or infrastructure providers. These providers are bound by confidentiality, security and data protection obligations.

We may share data with trusted providers only when necessary to provide, secure, bill or improve the service:

• Hosting and infrastructure providers, with primary storage in Germany (European Union).
• Payment providers, to process subscriptions and payments.
• Email and communication providers, for transactional messages related to the account or service.
• Monitoring, security, logging and technical diagnostic tools.
• Professional advisors, authorities or third parties when required by law, legal process or to protect our rights.
• User-activated messaging services, when the clinic chooses to contact an owner via an external channel.

In accordance with applicable data protection laws, you may at any time:

• Access your data (full export available from the settings).
• Correct inaccurate information.
• Delete your account and all your data.
• Object to a specific processing operation.

To exercise these rights, write to hello@cabivet.com. Maximum response time: 15 days.

Cabivet only uses strictly necessary cookies: session, language preference, anti-CSRF token. No advertising cookies, no cross-site tracking.

Your data is kept as long as your account is active. After account deletion, we purge data within 30 days, except for invoices and accounting records that law requires us to keep for 10 years.

• Account: kept for the lifetime of the account, then according to legal, security or evidence needs.
• Business data: kept as long as the subscription or access remains active, then deletable after expiry, suspension or termination.
• Invoices and payments: kept according to applicable accounting, tax and evidence obligations.
• Support and security: kept as long as needed for processing, abuse prevention and defense of our rights.

We apply reasonable technical and organizational measures to protect data, without being able to guarantee absolute security.

• Encryption of communications when data travels between your browser and the service.
• Access controls, authentication, secure sessions and rights limited to roles.
• Logging, monitoring, diagnostics and abuse prevention measures.
• Internal incident-response procedures where reasonably possible.

No transmission or storage method is entirely safe. You are responsible for the security of your devices, passwords, internal access and backups.

Cabivet is a B2B service not intended for individuals under 18. We do not seek to collect data directly from minors through user accounts.

If you believe your data protection rights are not being respected, you may contact the competent authority in your jurisdiction.

Contact the data protection authority in your country of residence for any complaint regarding personal data processing.

Any material change is notified to you by email and in the app at least 15 days before it takes effect. This version is dated May 20, 2026.

For any question: hello@cabivet.com. We reply in English and French.