FORBusiness
MENU
For ParentsFor Business

Dosty.co © 2026 SIA Dosty. All rights reserved.
DESIGN BY HEATS

Apr. 01, 202612 min
Privacy Policy

1. Introduction



We are committed to safeguarding the privacy of our users. This Privacy Policy explains what personal data we collect, why we collect it, the legal basis for doing so, and your rights in relation to that data. Our Platforms ("Platforms" means the website https://dosty.co/ (the "Site"), mobile applications ("Apps"), and all related content and services) are owned, managed, and operated by SIA Dosty.



This policy is provided in accordance with Articles 13 and 14 of the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable data protection laws.



2. About Us / Data Controller



The data controller responsible for your personal data is:



 



SIA Dosty



Valdeku iela 62 k-1 - 4, Riga, Latvia



Email: [email protected]



Website: https://dosty.co/



3. Data We Collect



We collect and process the following categories of personal data:



 



3.1 Device and Usage Information



Information about your visits to and use of our application, including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, and navigation paths.



3.2 Registration Information



Information you provide when registering, such as your name and email address.



3.3 Pet Profile Information



Information you provide when creating and managing your pet’s profile, including your pet’s name, species, breed, date of birth, weight, vaccination history, grooming schedule, flea treatment history, and feeding routines. This data is used to personalise your experience, generate AI-powered tips, and deliver care reminders.



3.4 Communication Data



Information contained in or relating to any communication that you send to us or through our application, including the communication content and associated metadata.



3.5 AI Interaction Data



We collect and process the content of your interactions with the AI Chat Assistant and the AI Daily Tips feature, including:




  • Text questions and messages you submit to the AI Chat

  • Files and images you share within the AI Chat for pet-related queries

  • Personalised daily tips generated based on your pet’s profile data

  • Responses received from the AI system



This data may be used to improve AI performance, troubleshoot errors, and enhance user experience. Interactions may be stored temporarily and anonymised for internal review. Images and files submitted to the AI Chat are processed to answer your query and are not used to train AI models without your explicit consent.



3.6 Community Content Data



When you participate in the Community feature, we collect and store:




  • Text posts, captions, and comments you create

  • Images and media you upload

  • Interaction metadata (likes, comments, reports)



Community content may be visible to other users and may be moderated for compliance with our Community Guidelines.



3.7 Symptom Checker Data



Your responses to the Symptom Checker questionnaire, including symptoms selected and recommendations provided. This data may be used in aggregate and anonymised form to improve the tool. It is not shared with third parties in a form that identifies you.



3.8 Content Library Usage Data



Information about which articles and videos you view within the Content Library, used to personalise content recommendations.



3.9 Other Information



Any other personal information you choose to send to us.



4. Lawful Basis for Processing



We process your personal data only where we have a lawful basis to do so under GDPR Article 6. The basis applicable to each processing activity is set out below:



 



4.1 Performance of a Contract (Art. 6(1)(b))



Processing that is necessary to provide the services you have signed up for, including:




  • Creating and maintaining your user account

  • Managing your pet’s profile and delivering care reminders

  • Providing access to the AI Chat, Daily Tips, Symptom Checker, and Content Library

  • Processing subscription payments



4.2 Legitimate Interests (Art. 6(1)(f))



Processing that is necessary for our legitimate interests, where those interests are not overridden by your rights:




  • Improving our AI models and product features through anonymised interaction data

  • Detecting fraud and maintaining the security of our platforms

  • Analysing usage patterns to improve the user experience

  • Moderating community content to protect the safety of our users



Where we rely on legitimate interests, you have the right to object to the processing. See Section 11 for details.



4.3 Consent (Art. 6(1)(a))



Where we rely on your consent, including:




  • Sending marketing communications by email

  • Using IDFA for personalised advertising (where required by applicable law)

  • Using your interaction data to train AI models



You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal. To withdraw consent, contact us at [email protected] or use the in-app settings.



4.4 Legal Obligation (Art. 6(1)(c))



Processing necessary to comply with a legal obligation, including retaining data as required by Latvian and EU law and responding to lawful requests from public authorities.



5. How We Use Your Personal Data



We use your personal data to:




  • Provide and personalise our services, including AI-powered daily tips tailored to your pet’s profile.

  • Operate the AI Chat Assistant, including processing images and files you submit.

  • Deliver care reminders (vaccines, grooming, flea treatments, feeding) based on your pet’s profile.

  • Facilitate and moderate Community interactions, including reviewing reported content.

  • Provide access to the Content Library and Symptom Checker.

  • Send service-related notifications and, where you have consented, marketing communications.

  • Provide third parties with statistical information about our users in aggregate, non-identifiable form only.

  • Keep our application secure and prevent fraud.

  • Use Meta, TikTok, Google Ads, and Apple Search Ads for advertising purposes (subject to your consent where required).

  • Comply with our legal obligations.



6. Automated Decision-Making and Profiling



Dosty uses automated processing to personalise your experience. Specifically:




  • AI Daily Tips are generated by an automated AI system based on your pet’s profile data (species, breed, age, health records). These tips are not reviewed by a veterinarian before delivery and do not constitute veterinary advice.

  • The Symptom Checker uses a rule-based automated system, developed with veterinary professionals, to suggest possible reasons behind a reported symptom based on your questionnaire responses.



These automated processes do not produce legal effects or similarly significant decisions about you. However, in accordance with GDPR Article 22, you may request human review of any personalised output that you believe has adversely affected you, by contacting us at [email protected]. You may also opt out of personalisation in your account settings.



7. Minors



We recommend that minors do not engage independently with the AI Assistant, Symptom Checker, or Community feature without the oversight of a parent or guardian.



For users in the European Union, you must comply with the age requirements of your country. In Germany, for example, users must be at least 16 years old to provide explicit consent for data processing. Users below the required age may use our services with the approval of a parent or legal guardian. If we discover we have unintentionally collected personal data from a child without the required consent, we will delete such data promptly.



If you are a parent and find that your child is using our Platforms without your authorisation, please contact us at [email protected].



In the United States, users must be at least 13 years old to access the Platforms. If we discover we have gathered information from children under 13 without complying with COPPA, we will ensure the data is not disclosed and will promptly delete the account and all related information from our servers.



8. Consent and Disclosure



Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.



9. Marketing and Third-Party Processors



We will not supply your personal information to any third party for the purpose of their direct marketing without your express consent.



 



9.1 Advertising Identifiers



We use IDFA (Identifier for Advertisers) to show you relevant and personalised ads where you have agreed to this. If you agree, you allow us to share data with third-party marketing partners.



9.2 Analytics and Marketing Partners



We use the following third-party service providers to collect and process data on our behalf:




  • AppsFlyer — mobile attribution and analytics

  • Amplitude — product analytics

  • Google Analytics — web and app analytics

  • Meta (Facebook/Instagram) — advertising

  • TikTok — advertising

  • Apple Search Ads — advertising



These providers act as processors or independent controllers in relation to their own platforms. Our use of their services is governed by their respective privacy policies. We encourage you to review those policies.



10. International Data Transfers



Some of our service providers are located outside the European Economic Area (EEA), including in the United States (e.g. AppsFlyer, Amplitude, Google, Meta, TikTok, Apple). When we transfer personal data outside the EEA, we ensure that appropriate safeguards are in place in accordance with GDPR Chapter V, including:




  • Standard Contractual Clauses (SCCs) approved by the European Commission, and/or

  • Adequacy decisions issued by the European Commission for the recipient country, where applicable.



You may request more information about the safeguards in place for specific transfers by contacting us at [email protected].



11. Data Retention



We retain personal data only for as long as necessary for the purposes for which it was collected. Specific retention periods are as follows:




  • Account and pet profile data: retained for the lifetime of your account, plus 30 days following account deletion, after which it is permanently deleted.

  • AI Chat interaction logs: retained for up to 90 days, after which they are deleted or irreversibly anonymised.

  • Images and files submitted via AI Chat: processed in real time and not retained beyond the session unless required for support purposes.

  • Community posts and comments: retained until deleted by you or removed by our moderation team.

  • Symptom Checker responses: stored only in anonymised, aggregate form for tool improvement. Not retained in identifiable form beyond the session.

  • Content Library usage data: retained in anonymised form for up to 12 months for analytics purposes.

  • Marketing and analytics data: retained in accordance with the policies of the respective third-party providers.



12. Legal Obligations and Retention



We will retain documents containing personal data:




  • To the extent that we are required to do so by applicable law.

  • If we believe the documents may be relevant to any ongoing or prospective legal proceedings.

  • In order to establish, exercise, or defend our legal rights.



13. Security



We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access (GDPR Article 32). These measures include:




  • Storage of personal data on secure, password- and firewall-protected servers.

  • Encryption of data in transit and at rest.

  • Restricted access controls limiting who can access personal data internally.

  • Regular review of our security practices.



You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. You are responsible for keeping your account password confidential.



In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay in accordance with GDPR Article 34.



14. Your Rights Under GDPR



If you are located in the European Economic Area, you have the following rights in relation to your personal data:



 



14.1 Right of Access (Art. 15)



You have the right to obtain confirmation of whether we process your personal data and, if so, to receive a copy of that data and information about how it is processed.



14.2 Right to Rectification (Art. 16)



You have the right to request correction of inaccurate personal data or completion of incomplete data.



14.3 Right to Erasure (Art. 17)



You have the right to request deletion of your personal data in certain circumstances, including where the data is no longer necessary for the purpose it was collected, or where you withdraw consent.



14.4 Right to Restriction of Processing (Art. 18)



You have the right to request that we restrict the processing of your personal data in certain circumstances, for example while a dispute about the accuracy of your data is resolved.



14.5 Right to Data Portability (Art. 20)



Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format, and to transmit that data to another controller.



14.6 Right to Object (Art. 21)



You have the right to object to processing based on legitimate interests (Art. 6(1)(f)), including profiling. You also have the right to object at any time to the processing of your personal data for direct marketing purposes.



14.7 Rights Related to Automated Decision-Making (Art. 22)



You have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects. As described in Section 6, our automated processing does not produce such effects, but you may request human review of any personalised output.



 



We will respond to all rights requests within one month of receipt. This period may be extended by a further two months where the request is complex or numerous. We will inform you of any extension within the first month.



To exercise any of these rights, please contact us at [email protected] or through the in-app messaging system. We may ask you to verify your identity before fulfilling your request.



15. Right to Lodge a Complaint



You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data infringes applicable data protection law.



As SIA Dosty is incorporated in Latvia, our lead supervisory authority is:



 



Datu valsts inspekcija (Data State Inspectorate)



Blaumana iela 11/13-15, Riga, LV-1011, Latvia



Website: www.dvi.gov.lv



Email: [email protected]



 



If you are located in another EU member state, you may also contact your local data protection authority. You can find a list of EU DPAs at: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en



16. Third-Party Links



Our application may include links to third-party websites. We have no control over, and are not responsible for, the privacy policies and practices of those third parties.



17. Policy Updates



We may update this policy from time to time. Where changes are material, we will notify you in advance via the application or by email, and where required by law we will seek your consent. The date of the most recent revision is displayed at the top of this policy.



18. Contact Information



For any questions, concerns, or requests relating to this Privacy Policy or your personal data:



SIA Dosty



Valdeku iela 62 k-1 - 4, Riga, Latvia



Email: [email protected]