Vet-ly SOP Logo
Sign InGet Started
Your Data, Protected

Privacy Policy

How Vet-ly collects, uses, and protects your personal information when you use our veterinary SOP management application.

Last Updated: February 21, 2026

Table of Contents

Overview

Vet-ly is committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal information.

Information We Collect

Account Information

  • Email address (used for authentication)
  • First and last name
  • Role (Owner, Manager, or Staff)
  • Job title
  • Clinic affiliation

Clinic Information

  • Clinic name
  • Clinic state (used for AI-generated regulatory references)
  • Business hours and time zone
  • Company logo and branding colors
  • Billing and subscription status

Operational Data

  • Procedures (SOPs) created and edited
  • Tasks created, assigned, and completed
  • Task completion timestamps and user signatures
  • Task groups and organizational structure
  • Job titles and team member assignments
  • Tags for categorization

AI-Generated Content Data

  • Text prompts and descriptions you submit to the AI SOP generator or AI editor
  • Additional context provided with AI requests (e.g., species, special requirements)
  • AI-generated SOP content (instructions, safety guidelines, resources, regulatory references)
  • Your clinic's state, which is automatically included with AI requests for regulatory reference purposes
  • AI-generated SOPs are saved as anonymous community templates (your clinic name, personal information, and additional context are excluded)

Manager's Log Data

  • Task completion records
  • Staff member who completed each task
  • Completion timestamp
  • Device information (browser type, OS)
  • IP address (for audit purposes)
  • Media accessed during task completion
  • Optional notes entered by staff

Media Files

  • Instructional images uploaded by managers
  • PDF documents for procedures
  • Short instructional videos (< 25MB)
  • File metadata (name, size, type)

Authentication & Session Data

  • Login timestamps
  • Session tokens (encrypted)
  • Authentication provider data (Supabase Auth)
  • Password reset requests

How We Use Your Information

Service Delivery

To provide and maintain the Vet-ly application, including task management, procedure documentation, and team coordination.

Authentication & Security

To verify user identity, maintain secure sessions, and prevent unauthorized access to clinic data.

Accountability & Compliance

To maintain audit logs for task completion, track accountability, and support compliance requirements.

Billing & Payments

To process subscription payments through Stripe, manage free trials, and enforce billing status.

AI Content Generation

To process your prompts through third-party AI services (Anthropic) and generate draft SOP content, including instructions, safety guidelines, resources, and regulatory references. Your clinic's state is included automatically to tailor regulatory references to your jurisdiction.

Community Templates

AI-generated SOP content (excluding your clinic name, personal information, and additional context) may be saved as anonymous community templates to help other veterinary clinics. This sharing is automatic and cannot be opted out of when using AI generation features.

Service Improvements

To analyze usage patterns (anonymized) and improve application features and performance.

Notifications

To send in-app alerts for due tasks, missed tasks, and manager reminders.

Data Storage & Security

Infrastructure

  • All data stored on Supabase (PostgreSQL database)
  • Files stored in Supabase Storage with per-clinic folders
  • Hosted on secure, enterprise-grade cloud infrastructure
  • Data encrypted in transit (TLS/SSL) and at rest

Multi-Tenancy & Isolation

  • Strict Row Level Security (RLS) policies enforce data isolation
  • Every record includes clinic_id for tenant separation
  • Users can only access data from their assigned clinic
  • Managers cannot access data from other clinics

Access Controls

  • Role-based permissions (Owner, Manager, Staff)
  • Staff have read-only access to procedures and media
  • Only Owners/Managers can modify settings and data
  • Authentication required for all application access

Data Retention

  • Manager's Log: retained for the lifetime of your account
  • Completed task instances logged before reset
  • Account data retained while subscription is active
  • Data deletion available upon account termination

Third-Party Services

Anthropic

Purpose:AI-powered SOP generation and editing
Data Shared:Text prompts, additional context, existing SOP content (for editing), and clinic state. Your clinic name and personal information are not sent to Anthropic.

Supabase

Purpose:Database, authentication, and file storage
Data Shared:All application data (see "Information We Collect")

Stripe

Purpose:Payment processing and subscription management
Data Shared:Email, billing information, payment method

Vercel

Purpose:Application hosting and deployment
Data Shared:Server logs, request metadata

Cookies & Tracking

We use essential cookies to maintain your authenticated session and remember your preferences. We do not use third-party advertising or analytics cookies.

Authentication Cookies

Required for secure login and session managementRequired

Preference Cookies

Remember your dashboard settings and UI preferencesOptional

Your Rights

Access

You can view all your personal data within the application at any time.

Export

Owners and Managers can export Manager's Log data as CSV files.

Correction

You can update your profile information, clinic settings, and procedures at any time.

Deletion

Contact us to request account deletion. Data will be permanently removed within 30 days.

Portability

Request a copy of your clinic's data in a machine-readable format.

Restriction

Expired billing results in read-only access; no data is modified or deleted.

Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify affected users within 72 hours via email and in-app notification. We maintain incident response procedures and work with Supabase’s security team to address any vulnerabilities.

Children's Privacy

Vet-ly is designed for use by veterinary professionals and clinic staff. We do not knowingly collect information from individuals under 18 years of age. If you believe we have inadvertently collected such information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify users via email and display a notice in the application. The “Last Updated” date at the top of this policy reflects the most recent revision.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: admin@vet-ly.com

Support: support@vet-ly.com

We will respond to all privacy-related inquiries within 5 business days.

By using Vet-ly, you acknowledge that you have read and understood this Privacy Policy.

Privacy Policy | Vet-ly