Privacy Policy
Breedbase(“we”, “our”, “us”) operates the Breedbase platform at breedbase.com. This policy explains how we collect, use, and protect your personal data.
Last updated: 23 March 2026
1. Who We Are
Breedbase is a business management platform for professional dog trainers. We provide scheduling, client management, training plan tools, and calendar integration to help trainers run their businesses.
Data controller: Breedbase, United Kingdom
Contact: privacy@breedbase.com
2. What Data We Collect
Data you provide directly
- Account information: name, email address, password
- Business information: business name, phone number
- Client records: your clients' names, contact details, emergency contacts, and notes you add about their dogs (breed, health, temperament, vaccination status)
- Session data: scheduled appointments, session notes, training plans, and progress records
- Payment information: processed securely by Stripe; we do not store card numbers
Data collected automatically
- Usage data: pages visited, features used, device type, browser type
- Log data: IP address, access times, error logs for debugging
Data from third-party integrations
- Google Calendar: when you connect your Google Calendar, we access your calendar list and create, update, or delete events in your chosen calendar to mirror your Breedbase sessions. We do not read or modify any existing events that were not created by Breedbase.
3. How We Use Your Data
We use your data to:
- Provide the Breedbase platform and its features
- Manage your account and authenticate your sessions
- Sync your sessions with Google Calendar when you enable this integration
- Send transactional emails (session reminders, invoices, password resets)
- Improve our platform based on aggregate, anonymised usage patterns
- Respond to support requests
We do not:
- Sell your personal data to third parties
- Use your data for advertising
- Share your client records with anyone other than you
- Access your Google Calendar data for any purpose other than session synchronisation
4. Legal Basis for Processing (GDPR)
| Purpose | Legal basis |
|---|---|
| Providing the platform | Performance of contract |
| Account security and authentication | Legitimate interest |
| Session reminders and invoices | Performance of contract |
| Google Calendar sync | Your explicit consent |
| Usage analytics (anonymised) | Legitimate interest |
| Responding to support requests | Legitimate interest |
5. Google Calendar Integration
When you choose to connect your Google Calendar:
- We request permission to view your calendar list (to let you choose which calendar to sync to) and to create, edit, and delete events in that calendar
- We only create, modify, or delete events that Breedbase itself created — we never touch your personal events
- Your Google authentication tokens are stored securely and encrypted at rest
- You can disconnect your Google Calendar at any time from Settings, which revokes our access immediately
- Disconnecting removes the stored tokens; events already created in your Google Calendar remain unless you delete them manually
6. Data Storage and Security
- Your data is stored on servers in the EU/UK provided by Supabase (database) and Vercel (application hosting)
- All data is encrypted in transit (TLS) and at rest
- Authentication tokens for third-party services (e.g., Google) are encrypted at rest
- We use Supabase Row Level Security to ensure trainers can only access their own data
- We conduct regular security reviews of our infrastructure
7. Data Retention
- Account data: retained while your account is active, deleted within 30 days of account deletion
- Client records and session data: retained while your account is active; deleted when you delete them or close your account
- Google Calendar tokens: deleted immediately when you disconnect the integration or close your account
- Usage logs: retained for 90 days for debugging, then deleted
8. Your Rights
Under UK GDPR, you have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your data (“right to be forgotten”)
- Export your data in a portable format
- Withdraw consent for optional processing (e.g., Google Calendar sync)
- Object to processing based on legitimate interest
- Lodge a complaint with the Information Commissioner's Office (ICO)
To exercise any of these rights, contact privacy@breedbase.com. We will respond within 30 days.
9. Third-Party Services
We use the following third-party services to operate Breedbase:
| Service | Purpose | Data shared |
|---|---|---|
| Supabase | Database and authentication | Account data, client records |
| Vercel | Application hosting | Usage data, IP addresses |
| Stripe | Payment processing | Email, payment details |
| Google Calendar API | Calendar synchronisation | Session titles, times, locations |
| Resend | Transactional email | Email addresses, message content |
Each service has its own privacy policy and processes data in accordance with GDPR.
10. Cookies
Breedbase uses only essential cookies required for authentication and session management. We do not use tracking cookies, advertising cookies, or analytics cookies that identify individual users.
11. Changes to This Policy
We may update this policy from time to time. We will notify you of material changes via email or an in-app notice. The “last updated” date at the top of this page reflects the most recent revision.
12. Contact
For any questions about this privacy policy or your data:
Email: privacy@breedbase.com
For complaints, you may also contact the UK Information Commissioner's Office at ico.org.uk.