SmartPawIQ Privacy Policy

Operated by MadProdigy LLC

1. Definitions and Key Terms

2. Introduction and Scope

3. Personal Data Collection

4. Data Processing and Usage

5. Data Storage and Security

6. Analytics, Advertising, and Third-Party Services

7. Your Rights and Choices

8. Data Retention and Deletion

9. International Data Transfers and Legal Jurisdiction

10. Children's Privacy

11. Changes to This Policy

12. Legal Information and Contact Details

1.1 Company and Service Terms

•       SmartPawIQ ("we," "us," or "our") — operated by MadProdigy LLC

•       Service: All features, functionalities, programs, and content available through SmartPawIQ

•       Platform: Our website (https://smartpawiq.com/) and related services accessible via any device

•       User: Any individual accessing or using our services ("you" or "your")

1.2 Data and Privacy Terms

•       Personal Data: Any information relating to an identified or identifiable natural person

•       Pet Data: Information relating to a user's pet(s), including species, breed, age, health, and behavioral data

•       Processing: Any operation performed on personal data or pet data

•       Data Controller: SmartPawIQ (MadProdigy LLC), determining the purposes and means of processing personal data

•       Data Processor: Third parties that process personal data on our behalf

•       Cookie: Small text file stored on your device containing data about your platform usage

1.3 Security Terms

•       Authentication: Process of verifying user identity

•       Encryption: Process of encoding information to prevent unauthorized access

•       Token: Unique identifier used for secure authentication

•       SSL/TLS: Security protocols for encrypted data transmission

2.1 Policy Overview

This privacy policy explains how SmartPawIQ, operated by MadProdigy LLC, collects, uses, and protects your personal data and your pet's data. It provides detailed information about your privacy rights and how you can exercise them.

2.2 Policy Application

This policy applies to:

•       All users of SmartPawIQ globally

•       All data collection methods

•       All service features and functionalities, including IQ tests and pet product purchases

•       All platform versions and updates

2.3 Policy Updates

•       We reserve the right to update this policy

•       Material changes will be notified via email

•       Continued use after changes constitutes acceptance

3.1 Account Information

A. Essential Data

•       Email address (required for authentication)

•       Name (collected during payment processing)

•       Last sign-in timestamp

•       Unique account identifiers

•       IP addresses

B. Optional Data

•       Phone number (if provided through payment processors)

•       User preferences and settings

•       Communication preferences

3.2 Pet Data

A. Pet Profile Information

•       Pet name

•       Species (dog, cat, etc.)

•       Breed

•       Age and date of birth

•       Health information (if voluntarily provided)

•       Behavioral notes and preferences

B. Test & Activity Data

•       IQ test results and scores

•       Completion timestamps

•       Performance metrics

Note: Individual test answers are processed in real-time and are not stored.

3.3 Service Usage Data

A. Interaction Data

•       Features accessed

•       Time spent on platform

•       Navigation patterns

•       Device information

•       Products viewed and purchased

3.4 Payment Information

We only receive and store limited payment information:

•       Tokenized payment method identifiers

•       Last four digits of payment cards

•       First six digits of payment cards

•       Card expiration dates

3.5 Technical and Device Data

A. Device Information

•       Operating system and version

•       Browser type and version

•       Screen resolution

•       Device type and model

•       Language preferences

B. Connection Data

•       IP address

•       Network information

•       Connection type

•       Geographic location (derived from IP)

•       Time zone settings

C. Performance Data

•       Load times

•       Error messages

•       System performance metrics

•       Network latency

•       Application response times

4.1 Primary Processing Purposes

A. Service Provision

•       Account creation and management

•       Authentication and security

•       Pet IQ testing and result delivery

•       Pet product recommendations and sales

•       Feature access and customization

•       Customer support

•       Service optimization

B. Payment Processing

•       Subscription management

•       One-time purchase processing

•       Payment authorization

•       Fraud prevention

•       Transaction records

•       Billing support

C. Communication

•       Service updates and notifications

•       Security alerts

•       Product information and recommendations

•       Support responses

•       Legal notices

4.2 Secondary Processing Purposes

A. Service Improvement

•       Usage pattern analysis

•       Feature optimization

•       Performance monitoring

•       User experience enhancement

•       Bug identification and resolution

B. Analytics and Research

•       Aggregate usage statistics

•       Pet intelligence trend analysis

•       Platform optimization

•       Feature development

•       Performance benchmarking

4.3 Legal Bases for Processing

A. Contractual Necessity

•       Account management

•       Service provision

•       Payment processing

•       Feature access

•       Support services

B. Legal Obligations

•       Tax compliance

•       Financial records

•       Legal requirements

•       Regulatory compliance

•       Safety and security

C. Legitimate Interests

•       Service improvement

•       Fraud prevention

•       Security maintenance

•       Technical optimization

•       Business development

D. Consent-Based Processing

•       Marketing communications

•       Optional features

•       Third-party integrations

•       Analytics participation

•       Feature testing

5.1 Storage Location and Data Transfers

•       All personal data is stored in secure data centers

•       Data is transmitted globally using encrypted channels

•       We employ appropriate safeguards for international data transfers

•       Continuous compliance monitoring and security measures are in place

5.2 Security Measures

A. Authentication and Access

•       Multi-factor Authentication capability

•       Passwordless authentication via email

•       Single-use verification codes

•       Session management with automatic termination

•       Role-based access control

•       Principle of least privilege

•       Access logging and monitoring

B. Data Protection

•       SOC2 Type 2 compliance

•       AES-256 encryption for data at rest

•       TLS encryption for data in transit

•       Regular security audits

C. System Security

•       DDoS Protection via Cloudflare

•       Intrusion detection systems

•       Regular security patching

•       Infrastructure monitoring

5.3 Payment Security

•       PCI DSS compliant payment processing

•       Tokenized payment information storage

•       No access to complete card numbers

•       Encrypted payment data transmission

•       Immediate security incident response

•       Regular compliance monitoring

5.4 Data Breach Notification Procedures

Upon discovering a potential breach, we will immediately initiate our incident response plan, assess the nature and scope of the breach, take immediate steps to contain it, and evaluate the risks to affected individuals.

We will notify affected users within 72 hours of breach confirmation via email. Notifications will include a description of the incident, types of data affected, potential impact, steps taken, and recommended user actions.

Where required by law, we will notify relevant supervisory authorities and comply with jurisdiction-specific requirements.

6.1 Analytics and Infrastructure Partners

We utilize the following services to monitor and improve our platform:

•       Google Tag Manager: For managing analytics and marketing tags

•       Google Analytics: For user behavior analysis and service optimization

•       MixPanel: For user interaction tracking and feature usage analysis

•       Google BigQuery: For large-scale data analysis and reporting

•       Sentry: For error monitoring, performance tracking, and session recording

•       Cloudflare: For performance analytics and security monitoring

6.2 Session Recording

Through Sentry, we implement session recording with the following safeguards:

•       Automatic masking of all user inputs

•       No collection of personally identifiable information

•       Exclusion of all data entry fields

•       Anonymization of all user interactions

•       Usage limited to bug investigation and performance optimization

6.3 Advertising Partners

We work with various advertising partners, including:

•       Facebook

•       Google

•       SnapChat

•       TikTok

•       Taboola

•       Outbrain

•       AppLovin

•       Pinterest

These partners may receive anonymous identifiers, email addresses (for advertising purposes), usage data, device information, and interaction metrics.

6.4 User Control Over Tracking

Users can limit tracking through browser cookie settings, ad-blocker extensions, device settings, and platform-specific controls. Opt-out options include the Digital Advertising Alliance (DAA) and Network Advertising Initiative (NAI) opt-out platforms. Note: Core service features will remain functional even if tracking is limited.

7.1 Universal Rights

All users have the following basic rights:

•       Access their personal data and pet data

•       Correct inaccurate data

•       Request data deletion (see Section 8.2)

•       Object to processing

•       Data portability

•       Withdraw consent

7.2 Regional Privacy Rights

A. European Union and UK Residents (GDPR)

•       Right to be informed

•       Right to access

•       Right to rectification

•       Right to erasure

•       Right to restrict processing

•       Right to data portability

•       Right to object

•       Rights regarding automated decision-making

B. California Residents (CCPA/CPRA)

•       Knowledge of personal information collection

•       Knowledge of information sharing

•       Deletion rights

•       Correction rights

•       Opt-out rights

•       Non-discrimination rights

•       Portability rights

C. Australian Residents (Privacy Act)

•       Collection notification

•       Access rights

•       Correction rights

•       Purpose specification

•       Use limitation

•       Disclosure transparency

D. Canadian Residents (PIPEDA)

•       Access rights

•       Accuracy rights

•       Consent withdrawal

•       Use transparency

•       Protection expectations

7.3 How to Exercise Your Rights

All privacy rights requests can be submitted via email to: info@smartpawiq.com

Response timelines:

•       Initial acknowledgment: Within 72 hours

•       Standard response time: 30 days

•       Maximum extension period: 45 days (with notification)

•       Appeal decisions: 30 days

Note: California residents receive acknowledgment within 10 days per CCPA requirements.

All personal data will be provided in machine-readable format (CSV or JSON) via encrypted transmission.

8.1 Retention Periods

•       Account data: While account is active

•       Pet data: While account is active or as directed by user

•       Payment records: As required by law

•       Analytics data: For service improvement

•       Communication records: 2 years

•       Security logs: 13 months

8.2 Deletion Procedures

•       Account deletion: 30-day process

•       Pet data removal: Systematic process alongside account data

•       Data removal: Systematic process

•       Backup removal: 90-day maximum

•       Verification process: Complete removal check

9.1 International Data Transfers

For users outside the United States, we ensure appropriate data protection through:

•       Standard contractual clauses for international data transfers

•       Technical and organizational security measures

•       Regular compliance monitoring and assessments

•       Adherence to international data protection requirements

9.2 Legal Jurisdiction and Dispute Resolution

Escalation Process

Before pursuing legal action, users must follow our escalation procedure:

First-Level Escalation:

◦       Submit to escalations-leader@smartpawiq.com

◦       Include reference number and prior communication history

◦       Response provided within 5 business days

Second-Level Escalation:

◦       If unsatisfied, escalate to escalations-management@smartpawiq.com

◦       Senior management review

◦       Final decision within 15 business days

Following the escalation process, parties will attempt a 30-day good-faith informal resolution period.

Formal Legal Proceedings

This privacy policy is governed by the laws of the State of Montana, United States. Any legal proceedings shall be exclusively resolved through binding arbitration conducted by the American Arbitration Association. Users expressly consent to the personal jurisdiction of Montana courts for matters exempt from arbitration. All claims must be brought within six months of the incident date.

10.1 Age Restrictions

•       Minimum age: 18 years

•       No intentional collection from minors

•       Account termination if underage user is discovered

Note: While SmartPawIQ tests and products are intended for pets, all account holders and purchasers must be 18 years of age or older.

11.1 Modification Rights

We reserve the right to modify this privacy policy at any time.

11.2 Types of Changes

A. Material Changes

Changes that significantly affect your rights or our obligations, including major changes to data sharing with third parties, fundamental changes to data processing purposes, and significant changes to user privacy rights.

Material changes: Email notification 5 days before implementation. Continued use constitutes acceptance.

B. Non-Material Changes

Changes that don't substantially affect your rights — such as updates to reflect current practices, new product features, changes to contact information, clarifications, or analytics and advertising partner updates.

Non-material changes may be implemented immediately without advance notice.

12.1 Company Information

Legal Name: MadProdigy LLC

Brand: SmartPawIQ

Website: https://smartpawiq.com/

Email: info@smartpawiq.com

Postal Address: 1001 S Main St Ste. 600, Kalispell, MT 59901, United States

All inquiries will be handled according to the response timelines detailed in Section 7.3.