Privacy Policy

Privacy Policy

Effective Date: February 1, 2025

Pet Cab NYC LLC "we," "our," "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share your personal information when you visit our website [www.PetCab.NYC] (the "Site") and use our services. By accessing and using our Site, you agree to the terms of this Privacy Policy.

1. Information We Collect

We may collect the following types of information:

  • Personal Information: When you use our Site, register for an account, or contact us, we may collect personal details such as your name, email address, phone number, and billing information.

  • Usage Data: We may collect information about how you access and interact with our Site, such as IP addresses, browser type, device type, and browsing activity.

  • Cookies and Tracking Technologies: We use cookies and similar tracking technologies to enhance your experience on our Site and to gather analytics. You can control the use of cookies through your browser settings.

2. How We Use Your Information

We may use the information we collect for the following purposes:

  • To provide and maintain our services

  • To personalize your experience and improve our Site

  • To communicate with you, respond to your inquiries, or send updates

  • To process transactions and fulfill orders

  • To analyze usage patterns and improve our offerings

  • To comply with legal obligations and protect our legal rights

3. Sharing Your Information

We do not share your mobile information with third parties for marketing purposes.'
The privacy policy does not explicitly state a commitment not to transfer consumer data to external organizations, as it allows sharing with service providers. To fully meet the requirement, the policy could include a statement clarifying that data will only be shared with third parties under strict conditions and with user consent. For example, 'We will not transfer your personal data to external organizations without your consent, except as necessary to provide our services or comply with legal obligations.'
The privacy policy should include a section acknowledging the consumer's right to opt out of messaging campaigns and provide clear instructions on how to do so. For example, it could state: 'You have the right to opt out of receiving SMS messages from us at any time. To opt out, please reply 'STOP' to any message you receive from us or contact us at Info@PetCab.NYC.

We do not sell, rent, or trade your personal information to third parties. However, we may share your information in the following cases:

  • With Service Providers: We may share your data with trusted third-party vendors and partners who assist in operating our Site and providing services (e.g., payment processors, hosting providers).

  • Legal Compliance: We may disclose your information if required to do so by law or to protect our rights, safety, or property, or the rights, safety, or property of others.

4. Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

5. Your Rights

Depending on your location, you may have certain rights regarding your personal data, including:

  • The right to access, correct, or delete your personal information

  • The right to object to or restrict the processing of your data

  • The right to withdraw consent where applicable

  • The right to data portability

To exercise these rights, please contact us at [contact email/phone].

6. Security

We implement reasonable security measures to protect your personal information from unauthorized access, use, or disclosure. However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

7. International Transfers

If you are accessing our Site from outside [your country], your personal information may be transferred to and processed in [your country]. By using our Site, you consent to this transfer.

8. Children’s Privacy

Our Site is not intended for children under the age of 13 (or 16, depending on your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child, we will take steps to delete that information as soon as possible.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Effective Date." We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Pet Cab NYC

Info@PetCab.NYC

917-982-6335


We do not share your mobile information with third parties for marketing purposes.'
For any questions or concerns regarding SMS messages, please contact us at Info@PetCab.NYC or call 917-982-6335.
The data will only be shared with third parties under strict conditions and with user consent. We will not transfer your personal data to external organizations without your consent, except as necessary to provide our services or comply with legal obligations. We do not share your mobile information with third parties for marketing purposes.

We will not transfer your personal data to external organizations without your consent, except as necessary to provide our services or comply with legal obligations

Our specific policies to prevent unauthorized sharing of user data are as follows:

To prevent unauthorized sharing of user data, we adopt a set of comprehensive policies that ensure data protection, compliance with relevant regulations, and secure handling of sensitive information. Here are some specific policies that can help safeguard user data from unauthorized sharing:

1. Data Access Control Policy

  • Principle of Least Privilege: Ensure that only authorized personnel have access to user data based on their role and necessity.

  • User Authentication and Authorization: Implement strong authentication mechanisms (e.g., two-factor authentication) to prevent unauthorized access.

  • Access Review and Auditing: Regularly audit who has access to what data, and review these privileges on a periodic basis to ensure they are still required.

2. Data Encryption Policy

  • Encryption in Transit: Ensure that user data is encrypted when being transmitted over networks (e.g., using HTTPS, SSL/TLS protocols).

  • Encryption at Rest: Encrypt sensitive data stored in databases or file systems to protect against data breaches.

  • Key Management: Implement a secure key management process to protect encryption keys.

3. Data Retention and Disposal Policy

  • Data Minimization: Only collect and store user data that is necessary for business operations.

  • Data Retention Limits: Define clear retention periods for different types of data. After the retention period expires, securely delete or anonymize data.

  • Secure Disposal: Ensure that data is securely deleted from all systems and backups when no longer needed.

4. Third-Party Data Sharing Policy

  • Due Diligence: Conduct thorough due diligence before sharing any data with third parties to ensure they have appropriate data protection practices in place.

  • Contractual Safeguards: Include data protection clauses in contracts with third-party vendors, ensuring they adhere to your data protection standards.

  • Third-Party Audits: Regularly audit third-party vendors for compliance with the organization's data protection policies.

5. Data Breach Response Policy

  • Incident Response Plan: Develop and implement an incident response plan to address potential data breaches. This should include procedures for reporting breaches, mitigating their impact, and informing affected users.

  • Notification Procedures: Follow legal and regulatory requirements for notifying users about data breaches, including the timeline for notification.

  • Post-Breach Analysis: After a breach, conduct a post-mortem analysis to understand its causes and improve future protections.

6. User Privacy Policy

  • Transparency: Clearly inform users about what data is being collected, why it is being collected, and how it will be used.

  • Consent Management: Obtain user consent before collecting and sharing their data. Ensure that users can easily withdraw their consent at any time.

  • Data Subject Rights: Provide users with the ability to access, correct, delete, or restrict the use of their data.

7. Employee Data Security Policy

  • Training and Awareness: Regularly train employees on data protection principles, the importance of safeguarding user data, and how to recognize potential threats (e.g., phishing).

  • Separation of Duties: Ensure no single employee has control over all stages of data management (collection, processing, and sharing) to reduce the risk of unauthorized sharing.

  • Monitoring and Auditing: Implement monitoring systems to track employee activities related to user data and alert management to any unusual or unauthorized actions.

8. Data Anonymization and Pseudonymization Policy

  • Data De-identification: Use anonymization or pseudonymization techniques when possible to protect user identities when sharing data for analysis or research purposes.

  • Access Control for Anonymized Data: Even anonymized data should be securely protected, as there is always a risk of re-identification.

9. Compliance and Regulatory Policy

  • Adherence to Laws: Ensure compliance with data protection regulations such as the GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and HIPAA (Health Insurance Portability and Accountability Act), where applicable.

  • Regular Audits: Conduct periodic audits to ensure compliance with privacy regulations and internal data protection policies.

10. Security Awareness and Whistleblower Policy

  • Reporting Mechanisms: Establish clear channels for employees or contractors to report suspicious activities or potential breaches related to data privacy.

  • Anti-Retaliation: Ensure employees feel safe reporting incidents without fear of retaliation, creating a culture of accountability.

11. Data Sharing and Transfer Policy

  • Cross-Border Data Transfers: Implement safeguards for transferring data across borders, particularly to regions with less stringent data protection laws. This may include using standard contractual clauses or other legal mechanisms to ensure data security.

  • Internal Sharing Restrictions: Limit internal data sharing to only those who need it for specific business purposes, and monitor sharing practices to prevent misuse.

By implementing these policies, we can reduce the risk of unauthorized data sharing and maintain trust with their users. These practices should be regularly updated to address new threats and ensure ongoing compliance with evolving privacy laws.