Privacy Policy

We collect information you provide directly to us:

• ›Contact form submissions: your name, phone number, email address, and the audience category you select (veteran, civilian, or business).
• ›Any notes or messages you include in the contact form.
• ›Account credentials if you create a member account: email address and a hashed password. We never store passwords in plain text.
• ›Any information you voluntarily provide through the mobile app, including training logs, daily check-in responses, and dog health records.

We do not collect payment information directly. If we add e-commerce in the future, payments will be processed by a PCI-compliant third-party provider and we will not store your card details.

We do not collect sensitive health or medical records. Check-in data entered in the app (mood, wellness) is self-reported training support data — it is not a clinical record and is not shared with healthcare providers, the VA, or any government agency.

• ›To respond to your inquiry or request submitted through the contact form.
• ›To manage your member account and provide access to training resources.
• ›To communicate with you about your training progress, platform updates, and relevant announcements.
• ›To understand how people are finding and using Zoe's Legacy so we can improve it.

We will never use your information to market unrelated products or services, and we will never sell your data.

Your data is stored using Supabase, a cloud database platform hosted on AWS infrastructure. Supabase uses industry-standard encryption in transit (TLS) and at rest. Access to your data is protected by row-level security policies — meaning only authorized users and Zoe's Legacy administrators can access records.

Supabase acts as a data processor on our behalf. Their privacy practices are governed by their own privacy policy, available at supabase.com/privacy.

We retain contact form submissions for as long as necessary to respond to and manage your inquiry. Member account data is retained for the life of your account. You may request deletion at any time (see Section 6).

We do not sell, rent, or trade your personal information. We do not share your data with advertisers or data brokers.

We may share your information only in the following limited circumstances:

• ›Service providers: third-party tools that help us operate the platform (e.g., Supabase for database storage, email delivery providers for transactional messages). These providers are contractually prohibited from using your data for any purpose other than providing services to us.
• ›Legal requirements: if we are required to disclose information by law, subpoena, or court order, or to protect the rights and safety of our users or the public.
• ›Business transfers: if Zoe's Legacy is acquired or merges with another entity, your information may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.

Our website may use cookies or similar technologies to maintain your login session and remember your preferences. We do not currently use third-party advertising cookies or behavioral tracking.

If we add analytics tools in the future (such as privacy-respecting analytics to understand page traffic), we will update this policy and provide opt-out options where required by law.

You have the right to:

• ›Request a copy of the personal data we hold about you.
• ›Request correction of inaccurate information.
• ›Request deletion of your data. We will honor deletion requests within 30 days, except where we are required to retain records by law.
• ›Withdraw consent to future communications at any time.

To exercise any of these rights, email us at ireyes@zoeslegacypsd.com. Please include your name and the email address associated with your account or submission so we can locate your records.

Zoe's Legacy is a dog training platform. We are not a healthcare provider, health plan, or healthcare clearinghouse, and we are not a HIPAA-covered entity. The information you share with us through the app or contact form is not protected health information (PHI) under HIPAA.

If you are a veteran receiving care through the VA or a private provider, please continue to manage your protected health information through those channels. Zoe's Legacy does not have access to, and cannot interface with, your VA health records.

Zoe's Legacy is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such information, we will delete it promptly. If you believe a child has submitted information to us, contact us at ireyes@zoeslegacypsd.com.

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. For material changes, we will make reasonable efforts to notify registered users by email. Your continued use of the site or app after changes are posted constitutes your acceptance of the updated policy.

Questions about this policy or your data? Reach out directly:

Zoe's Legacy LLC
Isolda Reyes, Founder
Maryland, United States
ireyes@zoeslegacypsd.com