Privacy Policy

Your privacy is extremely important to us. This Privacy Policy explains what personal data we collect about you, how we use it, who we share it with and what rights you have.

By using our website critter.top (the “Website”), contacting us, or using our online software-as-a-service platform for veterinarians (the “Platform” or “Services”), you agree to this Privacy Policy.

1. Who we are (Data Controller)

The data controller responsible for your personal data is:

Patrik Linek
Jakubovská ulica 130/22
90062 Kostolište, Slovakia
IČO: 46530126
Phone: +421 0904073676
Email: [email protected]

In this Privacy Policy, “we”, “us” and “our” refer to Patrik Linek as the operator of the Website and provider of the Platform.

Our processing of personal data is primarily governed by:

  • Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), and
  • the Slovak Act No. 18/2018 Coll. on Personal Data Protection, as amended.

2. What information we collect and when

We only collect information that we genuinely need in order to operate our Website and provide and improve our SaaS Platform.

2.1. Information you provide to us directly

You may provide personal data to us in various ways, for example when you:

  • create or manage an account on the Platform;
  • subscribe to our Services (for example, as a veterinary clinic or individual veterinarian);
  • contact us via email, phone or through forms on the Website;
  • request a demo, free trial or price quote;
  • enter into a contract with us (as an individual or as a representative of a veterinary clinic / company);
  • subscribe to our news, updates or marketing communications;
  • take part in a survey, feedback request, or other interaction with us.

Depending on the context, this may include:

  • Name and surname;
  • Job title and professional role;
  • Name and identification details of the veterinary practice/clinic or company you represent;
  • Contact details (email address, telephone number, postal address);
  • Login and account information (username, password – stored in hashed form);
  • Billing and payment details (invoicing address, tax/VAT number, basic payment references – we do not store your full card details);
  • Settings and preferences within the Platform;
  • Contents of your communications with us (emails, messages, feedback, complaints, support requests);
  • Any other information you choose to provide when you interact with us or use our Platform.

If you provide us with personal data of another person (for example, a colleague’s contact details), you are responsible for ensuring that this person has been informed and that you have a lawful basis to share their data with us.

2.2. Information we process on behalf of veterinary clinics (as processor)

Our Platform is designed for veterinarians and veterinary clinics to manage their professional activities. When our clients (veterinary practices) use the Platform, they may upload or otherwise enter personal data of their own clients (animal owners) and related information about animals (patients), such as:

  • data of animal owners: name, contact details, address, appointments, invoices, communication history;
  • data about animals: name, species, breed, age, medical history, diagnoses, prescribed treatment, vaccination records, and other health-related information;
  • data related to appointments, clinical notes, prescriptions, billing and other records managed within the Platform.

In these situations:

  • the veterinary clinic / professional is the data controller, and
  • we act as their data processor, processing such data only on their documented instructions and based on a separate contract (Data Processing Agreement – DPA).

This Privacy Policy focuses on personal data we process as data controller (e.g. website visitors, user accounts, business contacts). Processing that we perform as a processor is governed primarily by the DPA and the terms agreed with the veterinary clinic or company.

2.3. Information we collect automatically

When you visit our Website or use our Platform, we may automatically collect certain technical information, such as:

  • IP address;
  • device type and operating system;
  • browser type and version;
  • language preferences and time zone;
  • URLs of pages visited on our Website or within the Platform, the page you came from and the page you go to;
  • date and time of your visits;
  • identifiers of cookies or similar technologies;
  • log data such as login timestamps, actions within the Platform, error logs.

We collect this information mainly through cookies, logs and similar technologies. For more details, please refer to Section 9 (Cookies and similar technologies).

3. For what purposes we use your information and on what legal bases

We use the information we collect for the following purposes and legal bases under the GDPR:

3.1. To provide and operate our SaaS Platform

Legal basis: performance of a contract (Art. 6(1)(b) GDPR), legitimate interest (Art. 6(1)(f) GDPR)

We use your data to:

  • create and manage user accounts;
  • authenticate users and provide secure access to the Platform;
  • provide the functionalities of the Platform (e.g. patient records, appointment scheduling, invoicing modules);
  • provide technical support and handle service-related communications;
  • manage subscriptions, billing, payments and renewals;
  • ensure the availability, security and performance of the Platform.

3.2. To communicate with you

Legal basis: performance of a contract, legitimate interest, consent (where required)

We may use your contact details to:

  • respond to your questions, requests and complaints;
  • send you important notifications about your account, service changes, security alerts or technical issues;
  • provide onboarding, training or instructions related to the use of the Platform;
  • request feedback to improve our Platform.

Where legally required, we will ask for your consent before sending you marketing communications (see Section 8).

3.3. To improve our Website and Platform

Legal basis: legitimate interest

We analyse how the Website and Platform are used to:

  • maintain and improve their stability and performance;
  • develop new functionalities and features;
  • test and troubleshoot;
  • understand how users navigate and interact with our interfaces;
  • adapt our offerings to the needs of veterinary professionals.

If possible, we use aggregated or anonymised data for analytics.

3.4. To comply with legal obligations

Legal basis: compliance with legal obligations (Art. 6(1)(c) GDPR)

We may process your data to:

  • comply with tax, accounting and other legal duties;
  • respond to lawful requests from public authorities;
  • maintain records required by applicable law.

3.5. To protect our rights and prevent misuse

Legal basis: legitimate interest

We may use your data when necessary to:

  • prevent and detect fraud, abuse or other illegal activities in connection with the Platform;
  • enforce our contractual rights and terms of use;
  • ensure the security of our IT systems and infrastructure;
  • exercise or defend legal claims.

4. Who we share your information with

We do not sell your personal data. We share it only where necessary and on a lawful basis.

Your personal data may be disclosed to:

  • IT and cloud hosting providers who operate our servers, databases, backups and technical infrastructure used for the Platform and Website;
  • providers of professional services such as accountants, tax advisors or legal advisers, who are bound by confidentiality obligations;
  • payment service providers or banks involved in processing your subscription payments;
  • analytics or communication service providers (for example, where we use third-party tools for email delivery, analytics, error tracking or in-app messaging);
  • public authorities, courts, law enforcement or regulatory bodies, where required by law or necessary to protect our rights.

Where we share data with processors, we conclude appropriate data processing agreements as required by GDPR.

In the event of a business restructuring (for example, if we transfer part of our SaaS business), personal data may be transferred to a successor organisation in compliance with applicable data protection law.

5. International transfers of your data

We are based in Slovakia and primarily process your personal data within the European Economic Area (EEA).

If we transfer your personal data outside the EEA (for example where certain cloud or email providers are located or store data), we will ensure that such transfer is carried out in accordance with GDPR, for example by:

  • relying on an adequacy decision of the European Commission, or
  • using Standard Contractual Clauses or other appropriate safeguards.

You can contact us for more information about the specific safeguards we use for international transfers.

6. How we protect your information

We take the security of your personal data and the data stored within our Platform seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, misuse or alteration, including:

  • use of secure connections (HTTPS/TLS) on the Website and Platform;
  • limiting access to personal data to authorised persons only, based on the principle of least privilege;
  • using strong authentication and access control mechanisms;
  • regular updates and security patches for our systems and software;
  • backup and recovery procedures for critical data;
  • logging and monitoring of relevant system activities.

Please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. However, we do our best to protect your data in line with legal requirements and industry good practice.

7. How long we keep your information

We keep your personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy or as required by law.

In particular:

  • Account and subscription data are kept for the duration of your use of the Platform and for a reasonable period thereafter, for example to handle any claims, disputes or reactivation;
  • Contract, invoice and payment-related data are generally kept for the period required by accounting and tax legislation;
  • Technical.logs and usage data for the Platform are kept for shorter periods (typically up to 12–24 months), unless longer retention is necessary for security, troubleshooting or legal reasons;
  • Data processed based on your consent (e.g. marketing subscriptions) are kept until you withdraw your consent or until they are no longer needed.

For data that we process as a processor on behalf of veterinary clinics (Section 2.2), the retention periods are determined by the respective controller and regulated in the DPA and/or the contract with that controller.

After the relevant retention period, personal data are deleted or anonymised.

8. Marketing communications

We may use your contact details (such as email address) to send you information about:

  • updates and improvements to our veterinary SaaS Platform;
  • new features, modules or integrations;
  • invitations to webinars, training or events;
  • surveys or feedback requests;
  • other news related to our business and services for veterinarians.

Where required by law, we will only send you such communications with your prior consent, or on the basis of our legitimate interest where permitted (for example, if you are an existing customer and we are informing you about similar services).

You can opt out of marketing communications at any time by:

  • clicking the “unsubscribe” link included in each marketing email, or
  • contacting us at [email protected].

Even if you opt out of marketing messages, we may still send you service-related communications (for example, important information about your account, security or Platform availability).

9. Cookies and similar technologies

Our Website and Platform may use cookies and similar technologies to collect and store certain information when you visit or log in.

Cookies are small text files placed on your device that help us:

  • make the Website and Platform work properly (essential/functional cookies);
  • remember your login session and user preferences (e.g. language, interface settings);
  • perform statistics and analytics on how our Website and Platform are used;
  • in some cases (if used and only with your consent), deliver or measure marketing/advertising.

You can control cookies through your browser settings, where you can usually:

  • block all cookies;
  • allow only some types of cookies;
  • delete cookies already stored on your device.

Please note that blocking certain cookies, especially those that are strictly necessary, may affect the proper functioning of the Platform or your ability to log in and use its features.

If we use third-party cookies (for example, for analytics or embedded content), the processing of data through those cookies is also subject to the privacy policies of the respective third parties.

10. Your rights

Under the GDPR and Slovak data protection law, you have the following rights in relation to your personal data (subject to certain conditions and exceptions):

  1. Right of access – to obtain confirmation whether we process your personal data and, if so, to receive a copy and information about the processing.
  2. Right to rectification – to have inaccurate or incomplete personal data corrected.
  3. Right to erasure – in certain cases, to request deletion of your personal data (“right to be forgotten”).
  4. Right to restriction of processing – to request that we limit the processing of your personal data under certain circumstances.
  5. Right to data portability – to receive personal data you provided to us in a structured, commonly used and machine-readable format and have it transmitted to another controller, where technically feasible and where the processing is based on consent or contract and carried out by automated means.
  6. Right to object – to object, on grounds relating to your particular situation, to processing based on our legitimate interests, including profiling. You also have the right to object at any time to processing for direct marketing purposes.
  7. Right to withdraw consent – if processing is based on your consent, you may withdraw your consent at any time. This does not affect the lawfulness of processing carried out before the withdrawal.
  8. Right to lodge a complaint – if you believe your rights have been violated, you can lodge a complaint with a supervisory authority (see Section 11).

To exercise your rights, please contact us using the details in Section 12. We may need to verify your identity before responding to certain requests.

11. Supervisory authority and complaints

If you have concerns about how we handle your personal data, we encourage you to contact us first so that we can try to resolve the issue.

You also have the right to lodge a complaint with the competent data protection authority, in particular:

Úrad na ochranu osobných údajov Slovenskej republiky
Hraničná 12
820 07 Bratislava 27
Slovak Republic

You can find more information about your rights and how to lodge a complaint on the authority’s website.

12. Contact details

If you have any questions about this Privacy Policy or how we process your personal data, or if you wish to exercise your rights, you can contact us at:

Patrik Linek
Jakubovská ulica 130/22, 90062 Kostolište, Slovakia
IČO: 46530126
Phone: +421 0904073676
Email: [email protected]

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect changes in our processing activities, legal requirements or technical developments.

The most current version will always be available on our Website. We will indicate the date of the latest update at the top of this document. In case of material changes, we may inform you more directly (for example by email, if appropriate).

By continuing to use our Website or Platform after changes to this Privacy Policy take effect, you are deemed to have accepted the updated version.