Skip to main content

Legal

Privacy Policy

Last updated: May 25, 2026

TailRoster, Inc. ("TailRoster," "we," or "us") provides the SaaS platform operated at www.tailroster.com and the related pet-parent portal. This Privacy Policy explains what personal data we collect, why we collect it, how we share it, and the rights you have over your data.

TailRoster serves two distinct categories of users: (1) facility operators — the kennel, daycare, grooming, and training businesses who sign up for our software, and (2) pet parents — the customers of those facilities who interact with us through the parent portal, SMS, email, and (where enabled) the iOS app. Where this policy differs by audience, we say so explicitly.

1. Data we collect

From facility operators

From pet parents

2. How we use data

3. Sub-processors

We share personal data with the following vendors solely to operate the service:

VendorPurposeRegion
Supabase, Inc.Primary database + authentication + file storageUnited States
Vercel, Inc.Web hosting + edge computeUnited States
Stripe, Inc.Payment processing + Stripe Connect for operator payoutsUnited States
Twilio, Inc.SMS + voice messagingUnited States
ResendTransactional + marketing email deliveryUnited States
Inngest, Inc.Background job orchestrationUnited States
Anthropic, PBCAI co-pilot features (front-desk, summarization, photo selection)United States
OpenAI, L.L.C.Fallback AI features when configuredUnited States
Cloudflare, Inc.DDoS protection + image optimizationUnited States
SentryError reporting (PII-stripped where possible)United States
PostHogProduct analytics (no identifiable end-user data sent)United States / EU

4. Your rights

Pet parents

You have the right to:

Residents of California (CCPA / CPRA) and the EEA / UK (GDPR) have additional rights including data portability and the right not to be discriminated against for exercising rights. Submit requests to privacy@tailroster.com. We respond within the timeframe required by the applicable law (45 days under CCPA, 30 days under GDPR).

Facility operators

Operators are data controllers for their customer and pet records; TailRoster is the data processor. If a pet parent makes a deletion or access request, the operator is the primary recipient — TailRoster provides the tools to fulfill it within the platform.

5. Data retention

6. Security

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256 via Supabase). Access to production data is limited to authorized TailRoster personnel and audited via our internal access log. We use row-level security in our database to enforce tenant isolation: one facility cannot read another facility's data. We run continuous monitoring for unauthorized access patterns.

Report a security vulnerability: security@tailroster.com.

7. Children

TailRoster is not directed to children under 13 and we do not knowingly collect personal data from children. If you believe we have collected such information, please contact us and we will delete it.

8. International transfers

Our infrastructure is hosted in the United States. Personal data submitted by users outside the United States will be transferred to, processed in, and stored in the United States, subject to Standard Contractual Clauses or equivalent transfer mechanisms where required.

9. Changes to this policy

We will post the updated policy here with a new "last updated" date. Material changes (new sub-processors, broader categories of data, changes to your rights) will be notified by email to facility operators and via in-app notice to pet parents at least 30 days before taking effect.

10. Contact

TailRoster, Inc.
1701 Cypress Creek Rd
Aspen, CO 81611
United States
privacy@tailroster.com

See also: Terms of Service.