Loading ChongCheck
Preparing the next page and checking session context.
Preparing the next page and checking session context.
Plain-English summary: We collect what we need to run the Service. We do not sell personal data. We do use de-identified, bucketed, and aggregated derivatives of your usage to train our AI models — and on the Free Plan, that data contribution is part of the deal (full details in Section 7). You can opt out at any time on Paid Plans, and you can delete your data permanently. Questions?
privacy@chongcheck.app.
This Privacy Policy explains how ChongCheck OÜ ("ChongCheck", "we", "us", "our") collects, uses, shares, retains, and protects personal data when you use our website, mobile apps, browser extensions, and related services (collectively, the "Service").
This Policy supplements our Terms of Service, AI Training & Research Data Notice, and Cookie Policy.
Data controller: ChongCheck OÜ [Registered Address — to be filled by legal] Estonia
Data Protection Officer: dpo@chongcheck.app Privacy team: privacy@chongcheck.app
For users in the European Economic Area, the United Kingdom, or Switzerland, ChongCheck OÜ is the controller of your personal data. For users in the Russian Federation, we comply with Federal Law No. 152-FZ "On Personal Data" and are registered with Roskomnadzor.
Veterinary health data of pets is not "special category data" under GDPR Art. 9 (which addresses human health data). Nonetheless, we treat pet health data with care equivalent to human-grade health data — encryption at rest and in transit, strict access controls, pseudonymization for research, no sale, and minimum necessary retention.
| Purpose | Categories | Legal basis (GDPR) |
|---|---|---|
| Provide the Service (run consilium, store history, deliver reports) | Account, Pet, Health, Payment | Contract — Art. 6(1)(b) |
| Account security, fraud and abuse prevention | Account, Device, Usage | Legitimate interest — Art. 6(1)(f) |
| Billing, taxation, accounting | Account, Payment | Legal obligation — Art. 6(1)(c); Contract |
| Customer support | All you submit | Contract / Legitimate interest |
| Service improvement (debugging, A/B tests on UI flows) | Account, Usage, Device | Legitimate interest |
| AI model training & research corpus (de-identified) | De-identified derivatives of Account+Pet+Health | Consent — Art. 6(1)(a) (on signup and in Settings); also Art. 89 scientific research safeguards for pseudonymized data |
| Aggregated commercial reports to pharma/academic partners | k-anonymous aggregates | Legitimate interest (no personal data leaves) |
| Direct marketing emails (newsletter) | Account email | Consent — Art. 6(1)(a) (opt-in) |
| Transactional emails (receipts, security, outcome wizard nudges) | Account email | Contract / Legitimate interest |
| Legal claims, compliance with court orders, regulator requests | All | Legal obligation; Legitimate interest |
For Russian users, the corresponding bases under 152-FZ are: contractual performance, consent (for marketing and for research-data sharing), and legal obligation.
For CCPA / CPRA users in California: we do not sell personal information, and our "share" of personal information for cross-context behavioural advertising is limited to nil. Our use of de-identified data for AI training is not a "sale" or "share" under CCPA.
We use personal data only for the purposes listed in Section 4. Specifically:
We do not:
When you submit lab values or symptoms, our AI consilium produces a structured report. This is automated processing.
Free Plan — please read carefully. The Free Plan is supported by your contribution of de-identified data. The data we use for AI training and research is never your raw account data, photos, free text, or PII. It is a bucketed, pseudonymized, redacted derivative. The detailed mechanics are in our AI Training & Research Data Notice.
A separate dataset stored in a separate cloud bucket (chongcheck-research-corpus), containing only:
v1:<64-character hex>);Names, emails, phone numbers, addresses, pet's name, exact date of birth, exact weight, IP addresses, device identifiers, photos, payment data, or raw free-text fields.
Free text undergoes (1) deterministic regex stripping over 19 categories (email, phone in E.164 / US / RU formats, URL, IP, address, postal code, credit-card with Luhn check, SSN, INN with mod-97, IBAN, dates with year, names with locale hints), and (2) a follow-up LLM check that catches residual PII.
Any aggregate that leaves our perimeter is grouped by (breed × age band × weight band × country) and filtered to groups of at least 5 records (rising to 10 before our first pharmaceutical Data Processing Agreement).
We never share row-level research data with advertising networks, data brokers, social networks, or insurance companies.
The HMAC key used to pseudonymize identifiers is stored in our secrets vault and is never exposed externally. Each read is audit-logged.
Our subprocessors (the third parties that help us deliver the Service) are listed at chongcheck.app/legal/subprocessors. Current categories include:
Each subprocessor has a signed Data Processing Agreement and operates under appropriate transfer safeguards (Standard Contractual Clauses where applicable).
For pharmaceutical and academic partners we share only aggregated, k-anonymous, statistical reports — never row-level personal data.
We may disclose personal data when required by law, court order, or governmental request, or to protect our rights or the safety of users or the public. Where lawful, we will notify you first.
If ChongCheck is involved in a merger, acquisition, financing, reorganization, or sale of assets, personal data may be transferred. Users will be notified before personal data becomes subject to a different privacy policy.
Where personal data is transferred outside the European Economic Area, the United Kingdom, or the Russian Federation, we rely on appropriate safeguards, including:
Specifically, AI inference requests may be routed to providers operating in the United States. We restrict such requests to providers with zero-retention or short-retention configurations.
| Category | Retention period |
|---|---|
| Active account data | While the account exists |
| Closed account data (after GDPR delete) | Erased within 30 days |
| Financial records (invoices, tax) | 7 years (AML and tax-law requirements) |
| Audit log of admin / GDPR / breakglass actions | 7 years |
| Sentry error events | 90 days |
| PostHog analytics events | 12 months hot, 24 months cold |
| Postmark email logs | 45 days |
| Backups | 30 days rolling |
| Research corpus (pseudonymized) | Indefinite under valid consent; erased within 30 days if you request Full Erasure |
We apply industry-standard technical and organizational measures, including:
No system is perfectly secure. If you believe your account has been compromised, contact security@chongcheck.app immediately.
Depending on your jurisdiction, you have some or all of the following rights:
privacy@chongcheck.app).For CCPA/CPRA users in California: you have the right to know, to delete, to correct, to opt out of "sale/share" (we do not sell or share for cross-context behavioural advertising), and to non-discrimination.
To exercise any right, email privacy@chongcheck.app. We respond within 30 days (extendable by 60 days for complex requests, with notice).
The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you become aware that a child has provided personal data, contact privacy@chongcheck.app and we will delete it.
See our Cookie Policy for the full breakdown. In summary:
You can manage preferences in Settings → Privacy → Cookies, or via your browser controls.
Material changes are announced by email and in-app banner at least 30 days before they take effect. We maintain a version history at chongcheck.app/legal/privacy-policy/versions. Continued use after the effective date constitutes acceptance.
If a change materially expands the categories of recipients or the purposes of processing for already-collected personal data, we will obtain fresh consent (re-consent) rather than rely on the prior consent.
privacy@chongcheck.appdpo@chongcheck.appIf you live in the EU and you would like to lodge a complaint about how we handle your personal data, you may also contact the data-protection authority of your country of residence.
This document is a draft pending review by qualified privacy counsel in each applicable jurisdiction.