K9 Beacon
← Back to Home

Privacy Policy

Effective date: March 2026

1. Who We Are

K9 Beacon is a medical identification tag system designed for service dog handlers. We operate the K9 Beacon platform, including the website at this domain and the associated web application. In this policy, “we”, “us”, and “our” refer to K9 Beacon and its operators.

2. Information We Collect

We collect information that you voluntarily provide when creating and managing your K9 Beacon profile. This includes:

  • Account information — your email address and password (stored as a secure hash via Supabase Auth).
  • Public card data (Tier 1) — your name, your service dog’s name and certification ID, a primary emergency contact name and phone number, and photos of you and your dog. This information is intentionally displayed to bystanders and first responders when your QR code or NFC chip is scanned.
  • Medical data (Tier 2) — date of birth, blood type, allergies, current medications, medical conditions, DNR status, and a secondary emergency contact. This data is stored encrypted and is only accessible to someone who enters the correct PIN.
  • Billing information — if you subscribe to a paid plan, payment is processed by Stripe. We do not store card numbers or payment credentials on our servers.
  • Scan log data — when your card is scanned we may record the type of view (public or EMT) and the scanning device’s user-agent string. We do not record IP addresses or GPS coordinates.

3. How We Use Your Information

  • To operate and maintain your K9 Beacon profile and scannable card.
  • To display your public card information to anyone who scans your QR code or NFC chip, as you intend by creating the card.
  • To allow authorised EMTs and first responders to access Tier 2 medical data after entering the correct PIN.
  • To send transactional emails (account confirmation, password reset, and invitation) via our email service provider.
  • To process payments and manage your subscription via Stripe.
  • To maintain an audit log of card scans for your records and our security monitoring.

We do not sell, rent, or trade your personal information or medical data to any third party for marketing purposes.

4. Disclosure of Medical Data

You create your K9 Beacon card with the explicit purpose of disclosing certain information in an emergency. By publishing a card, you consent to:

  • Tier 1 (public) data being viewable by any person who scans your code, without authentication.
  • Tier 2 (medical) data being viewable by any person who scans your code and enters the PIN you have shared.

You are responsible for deciding what information to include on your card and for sharing your PIN only with trusted individuals (such as family members, your veterinarian’s office, or your physician’s office).

5. Third-Party Service Providers

We use the following sub-processors to operate the platform:

  • Supabase — database, authentication, and file storage. Your data is stored on Supabase-managed infrastructure.
  • Stripe — payment processing. Stripe stores payment card details under its own PCI-DSS-compliant systems.
  • Brevo (Sendinblue) — transactional email delivery. Your email address is passed to Brevo solely to send you account-related emails.
  • Vercel / Netlify — web hosting and edge delivery. Your requests pass through their infrastructure.

6. Data Retention

We retain your account and card data for as long as your account is active. If you close your account, we will delete your profile, card data, and uploaded images within 30 days. Scan log entries are retained for up to 12 months for security and audit purposes, after which they are permanently deleted. Billing records may be retained for up to 7 years to meet legal and accounting obligations.

7. Your Rights

You have the right to:

  • Access — view all the information stored on your card at any time by logging in.
  • Correct — update any information from your account portal.
  • Delete — deactivate or delete your card, or close your account entirely.
  • Export — contact us to request a copy of your data in a portable format.

To exercise any of these rights, contact us at the address below.

8. Security

We apply row-level security policies so that only you can read and modify your account data. Tier 2 medical data is never returned to the browser without a valid PIN hash verified server-side. All data is transmitted over HTTPS. Despite these measures, no system is completely secure, and we cannot guarantee the absolute security of your information.

9. Children

K9 Beacon is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. Continued use of K9 Beacon after changes are posted constitutes your acceptance of the revised policy. For material changes, we will send a notice to your registered email address.

11. Contact

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us through the K9 Beacon website. We aim to respond to all privacy enquiries within 10 business days.

HomeTerms of Use