Privacy policy
This policy explains how PetFoodRate collects, uses, and protects your personal data. Designed to comply with EU GDPR, UK GDPR, and the California Consumer Privacy Act (CCPA).
Who we are
PetFoodRate is an independent international pet food rating service operating at petfoodrate.com. You can contact us at contact@petfoodrate.com.
What we collect
Account data (email, optional name), pet profiles you create (species, age, weight, conditions), product interactions (searches, saved scores, comparisons), and technical data (IP, browser, approximate city location, pages visited). We do not collect payment data because the site is free.
How we use it
To operate the site and its features (scoring, personalised recommendations, alerts), to improve the ingredient database and scoring algorithm through aggregated usage analytics, to respond to your enquiries, and to comply with legal obligations. We do not sell personal data.
Legal basis
We process your personal data on the basis of consent (for analytics cookies and marketing communications), legitimate interest (for site operation and fraud prevention), and legal obligation (where required by law).
Who we share data with
Trusted service providers that help us operate the site (Supabase for database, Cloudflare for hosting, Resend for email) under strict data processing agreements. We do not share data with affiliate partners beyond anonymous click referrals, and we never sell data.
Your rights
Under GDPR/CCPA you can request access to your data, correction of inaccurate data, deletion (right to be forgotten), restriction of processing, data portability, and objection to certain processing. Write to contact@petfoodrate.com and we respond within 30 days.
Retention
Account data is kept as long as your account is active. After account deletion, we keep minimal audit logs for 90 days then purge everything. Usage analytics are anonymised after 13 months.
International transfers
Our servers are located in the EU and the US. When data is transferred between regions, we use Standard Contractual Clauses and additional safeguards as required by GDPR.
Complaints
If you feel your data rights have not been respected, you can complain to your local data protection authority. In the EU/UK, that is usually your national DPA. In France: the CNIL (cnil.fr). In the UK: the ICO (ico.org.uk).