Vet-ly SOP Logo
Vet-ly SOP Logo
Sign InGet Started
Home/Privacy Policy

Privacy Policy

This Privacy Policy describes how Vet SOP collects, uses, and protects your personal information when you use our veterinary standard operating procedure management application.

Last Updated: October 1, 2025

Table of Contents

Overview

Vet SOP is committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal information.

Information We Collect

Account Information

  • Email address (used for authentication)
  • First and last name
  • Role (Owner, Manager, or Staff)
  • Job title
  • Clinic affiliation

Clinic Information

  • Clinic name
  • Business hours and time zone
  • Company logo and branding colors
  • Billing and subscription status

Operational Data

  • Procedures (SOPs) created and edited
  • Tasks created, assigned, and completed
  • Task completion timestamps and user signatures
  • Task groups and organizational structure
  • Job titles and team member assignments
  • Tags for categorization

Manager's Log Data (90-Day Retention)

  • Task completion records
  • Staff member who completed each task
  • Completion timestamp
  • Device information (browser type, OS)
  • IP address (for audit purposes)
  • Media accessed during task completion
  • Optional notes entered by staff

Media Files

  • Instructional images uploaded by managers
  • PDF documents for procedures
  • Short instructional videos (< 25MB)
  • File metadata (name, size, type)

Authentication & Session Data

  • Login timestamps
  • Session tokens (encrypted)
  • Authentication provider data (Supabase Auth)
  • Password reset requests

How We Use Your Information

Service Delivery

To provide and maintain the Vet SOP application, including task management, procedure documentation, and team coordination.

Authentication & Security

To verify user identity, maintain secure sessions, and prevent unauthorized access to clinic data.

Accountability & Compliance

To maintain audit logs for task completion, track accountability, and support compliance requirements.

Billing & Payments

To process subscription payments through Stripe, manage free trials, and enforce billing status.

Service Improvements

To analyze usage patterns (anonymized) and improve application features and performance.

Notifications

To send in-app alerts for due tasks, missed tasks, and manager reminders.

Data Storage & Security

Infrastructure

  • All data stored on Supabase (PostgreSQL database)
  • Files stored in Supabase Storage with per-clinic folders
  • Hosted on secure, enterprise-grade cloud infrastructure
  • Data encrypted in transit (TLS/SSL) and at rest

Multi-Tenancy & Isolation

  • Strict Row Level Security (RLS) policies enforce data isolation
  • Every record includes clinic_id for tenant separation
  • Users can only access data from their assigned clinic
  • Managers cannot access data from other clinics

Access Controls

  • Role-based permissions (Owner, Manager, Staff)
  • Staff have read-only access to procedures and media
  • Only Owners/Managers can modify settings and data
  • Authentication required for all application access

Data Retention

  • Manager's Log: 90-day automatic retention
  • Completed task instances logged before reset
  • Account data retained while subscription is active
  • Data deletion available upon account termination

Third-Party Services

Supabase

Purpose:Database, authentication, and file storage
Data Shared:All application data (see "Information We Collect")

Stripe

Purpose:Payment processing and subscription management
Data Shared:Email, billing information, payment method

Vercel

Purpose:Application hosting and deployment
Data Shared:Server logs, request metadata

Cookies & Tracking

We use essential cookies to maintain your authenticated session and remember your preferences. We do not use third-party advertising or analytics cookies.

Authentication Cookies

Required for secure login and session management(Required)

Preference Cookies

Remember your dashboard settings and UI preferences(Optional)

Your Rights

Access

You can view all your personal data within the application at any time.

Export

Owners and Managers can export Manager's Log data as CSV files.

Correction

You can update your profile information, clinic settings, and procedures at any time.

Deletion

Contact us to request account deletion. Data will be permanently removed within 30 days.

Portability

Request a copy of your clinic's data in a machine-readable format.

Restriction

Expired billing results in read-only access; no data is modified or deleted.

Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify affected users within 72 hours via email and in-app notification. We maintain incident response procedures and work with Supabase's security team to address any vulnerabilities.

Children's Privacy

Vet SOP is designed for use by veterinary professionals and clinic staff. We do not knowingly collect information from individuals under 18 years of age. If you believe we have inadvertently collected such information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify users via email and display a notice in the application. The "Last Updated" date at the top of this policy reflects the most recent revision.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: admin@vet-ly.com

Support: support@vet-ly.com

We will respond to all privacy-related inquiries within 5 business days.

By using Vet SOP, you acknowledge that you have read and understood this Privacy Policy.

Privacy Policy | Vet SOP