GoFetch - Privacy Policy

Last updated: July 17, 2026

This Privacy Policy explains how GoFetch ("GoFetch", "we", "us") collects, uses, shares, and protects information when you use the GoFetch mobile app and related services (the "Service"). By using GoFetch you agree to the practices described here.

If you do not agree, please do not use the Service.

1. Who we are

GoFetch is operated by GoFetch. Registered address is available upon request. You can reach us at hello@joingofetch.com.

2. Information we collect

2.1 Information you provide

  • Account: email, password (stored hashed), and if you choose social login, the identifier we receive from Apple or Google. Phone number is optional and is used to receive a one-time verification code.
  • Profile: name, date of birth, gender, country, city, biography, what you are "looking for" (friendship or romance), profile photos, photo gallery, and interests/personality tags.
  • Dog profile: dog name, gender, age, breed, size, weight, allergies, comorbidities, photos, and personality tags.
  • User content: messages, photo and video attachments you send in chat, calendar events you create, places you favorite, content you submit to AI assistants (Vet, Local Guide, Trip Concierge), and inputs to the diet planner.
  • Matching activity: swipes (like/reject), matches, and icebreakers.
  • Notification preferences and privacy toggles (e.g. show distance, hide age, hide profile, share location).

2.2 Information collected automatically

  • Location: with your permission, we use your device's precise location to show nearby spots, nearby matches, and distance to other users. You can disable location in iOS Settings; some features will then be limited.
  • Device data needed to deliver the Service: app version, OS version, authentication tokens, push-notification token, and the IP address used for the request.

2.3 Information from third parties

  • Apple Sign-In / Google Sign-In - when you sign in with Apple or Google, we receive a stable identifier and (subject to your choices) your name and email.
  • Google Places - when you search or save a place, we receive a place identifier and address from Google Maps Platform.
  • AppsFlyer — we use AppsFlyer, a mobile attribution and marketing-analytics provider, to measure which campaigns, links, and QR codes lead to app installs. With your permission (via the iOS App Tracking Transparency prompt), AppsFlyer may use your device's advertising identifier (IDFA) for this measurement. You can decline in iOS Settings, and we will not use the IDFA. We do not sell your personal information or use it for third-party behavioral advertising.

2.4 Waitlist and SMS marketing consent

  • If you join the GoFetch waitlist at joingofetch.com, we collect your phone number only after you explicitly check a marketing consent checkbox stating: "I agree to receive SMS marketing messages from GoFetch about app updates and launch news. Msg & data rates may apply. Message frequency varies. Reply STOP to opt out, HELP for help."
  • Message frequency: one message per subscriber (the launch announcement), with any additional messages sent only while you remain opted in.
  • You can opt out at any time by replying STOP, or request help by replying HELP. No mobile information collected for SMS marketing, including phone numbers and opt-in status, is shared with third parties or affiliates for their own marketing or promotional purposes.

2.5 Biometric information (optional identity verification)

GoFetch offers an optional identity-verification feature. If you choose to verify, the app captures a short selfie video on your device and streams it directly to Amazon Web Services (AWS) over an encrypted connection; the video never passes through GoFetch's servers and is not stored by us. AWS uses it to confirm you are a real, live person (liveness check) and to compare a still image from the video against the photos already on your profile (face-match check). A separate still image is sent to Google Cloud Vision for non-biometric safety checks (safe-search, image quality, and detection of printed photos or screens). GoFetch receives and stores only a liveness score, a face-similarity score, and a pass/fail outcome — never the video or the facial scan — and keeps them for up to 12 months, after which they are deleted and verification expires. Verification is entirely optional; every other feature works whether or not you verify. Illinois residents: see Section 10 for your rights under the Biometric Information Privacy Act.

3. How we use information

We process the information above to:

  • create and secure your account;
  • show your profile to other users for matching, and surface matches and chats to you;
  • find and recommend nearby spots and other users;
  • deliver chat messages and attachments;
  • generate AI assistant replies and personalized diet plans;
  • send service messages, OTP codes, and (if enabled) push notifications for new matches, messages, and reminders;
  • send SMS marketing messages, such as launch announcements, to waitlist subscribers who have explicitly opted in;
  • enforce our terms, prevent abuse, and meet legal obligations.

We do not sell your personal information and we do not share it for behavioral advertising. Mobile information collected for SMS marketing purposes, including phone numbers and consent status, is not shared with third parties or affiliates for their own marketing or promotional purposes.

4. Service providers (sub-processors)

We share information with the following providers strictly to operate the Service. Each is bound by confidentiality and data-protection terms.

ProviderPurposeData shared
Google Cloud (hosting, Cloud Storage)App and database hosting; storage of photos and chat attachmentsAll categories above
Google Maps PlatformPlaces search / autocompleteApproximate location, place identifiers
OpenAIAI assistant responses (Vet / Local Guide / Trip Concierge) and diet-plan generationThe text and dog-profile data you submit to the assistant
Apple Push Notification serviceDelivery of push notificationsDevice push token, message payload
Apple / Google identity providersSocial sign-inIdentifier, name, email (subject to your choices)
Email / SMS delivery providersTransactional mail and OTP codesYour email or phone number
TwilioA2P 10DLC SMS marketing delivery for waitlist launch announcementsYour phone number and the message content sent to you
AppsFlyerMobile attribution and marketing analyticsDevice identifiers (including IDFA, with your consent), install and attribution events, and your user ID
Amazon Web Services (AWS Rekognition)Optional identity verification — liveness check and face-matchSelfie video and the facial scan derived from it (biometric), streamed directly from your device; the reference image is deleted by AWS within 7 days
Google Cloud VisionNon-biometric image safety checks during verification (safe-search, image quality, printed-photo/screen detection)A single still image extracted from the verification video; processed transiently, not stored

We may also disclose information when required by law, to protect users or the Service, or in connection with a corporate transaction, in which case we will require recipients to honor this Privacy Policy.

5. International transfers

We are based in the United States; your information may be processed in countries that may not provide the same level of protection as your own. Where required, we rely on Standard Contractual Clauses or other lawful transfer mechanisms.

6. Retention

We keep your account information while your account is active. When you delete your account, we delete or anonymize your personal data within 30 days, except where we must retain limited records to comply with law, resolve disputes, or enforce our agreements. Backups are purged on rolling schedules.

7. Your rights and choices

Depending on where you live (including under the GDPR in the EEA/UK and the CCPA/CPRA in California), you may have rights to:

  • access the personal data we hold about you;
  • correct or update it;
  • delete it;
  • object to or restrict certain processing;
  • export it in a portable format;
  • withdraw consent (e.g. revoke location permission in iOS Settings).

To exercise these rights, contact hello@joingofetch.com. We will verify your identity before responding.

Account deletion

You can delete your account from inside the app, under Settings → Account → Delete account. This permanently removes your profile, dogs, photos, messages, matches, AI conversations, and diet plans, and revokes your refresh tokens.

8. Children

GoFetch is not directed at children under 16, or under 13 where applicable. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us and we will delete it.

9. Security

We use TLS in transit, encrypted storage at rest, hashed passwords, short-lived access tokens, and rotated refresh tokens. No system is perfectly secure; please use a strong password and keep your device safe.

10. Illinois residents — BIPA notice

If you live in Illinois, the following applies to you under the Illinois Biometric Information Privacy Act (740 ILCS 14).

  • What we collect. GoFetch's optional face-verification feature collects a biometric identifier (a facial scan) and biometric information derived from it (liveness and face-similarity scores), as those terms are defined under BIPA.
  • Purpose. We collect this data solely to verify your identity — to confirm you are a live person and that you match the photos on your profile.
  • Retention and destruction. The liveness reference image is held by AWS inside the verification session for up to 7 days, after which AWS deletes it automatically. GoFetch retains the liveness/match scores and verification outcome for up to 12 months from the date you verify, after which they are permanently deleted and your verified status expires. If you delete your account sooner, we delete these records as part of standard account deletion (within 30 days).
  • Consent. GoFetch obtains your written, informed consent through an in-app consent screen before collecting any biometric data. The feature does not activate without your active agreement.
  • No sale or profit. GoFetch does not sell, lease, trade, or otherwise profit from your biometric data.
  • Disclosure. Your biometric data is disclosed only to Amazon Web Services as a sub-processor, solely to perform the verification and under a written data-protection agreement. No other third party receives your biometric data.

To request deletion of your biometric data ahead of this schedule, or with any questions, contact us at hello@joingofetch.com.

11. Changes

We will post any changes to this Privacy Policy in the app and update the "Last updated" date. Material changes will be notified in-app or by email.