← Back to SitStayPlay

Privacy Policy

Last updated: May 11, 2026

SitStayPlay (“we,” “our,” “us”) operates sitstayplay.app, a search and discovery service for dog-friendly venues. This Privacy Policy explains what information we collect, why, how it’s used, and your rights to access, correct, or delete it. By using the site you agree to this policy.

1. Information we collect

You give us

• Account info — when you sign in with Google or create an email/password account, we store your email address, display name, profile photo URL (if you upload one), and an encrypted password (email accounts only).
• Dog profiles — name, breed, photo, and optionally vaccination records you choose to upload.
• Check-ins, reviews, and reports — what you write and the venues you tag.
• Venue suggestions and corrections — submissions to our moderation queue.
• Payment info (premium venues only) — billing handled by Stripe; we never see your card number. We store the Stripe customer + subscription ID.

Collected automatically

• Search queries — the location text or coordinates you search, plus the venue types you filter for. Aggregated to improve coverage.
• Visitor analytics — page URL, anonymized IP, user agent, referrer. Used to understand site usage.
• Session tokens — when you sign in, a token is stored in your browser’s localStorage so you stay signed in.
• Cookies — we don’t set marketing cookies. Once Google AdSense is active, Google may set ad cookies described in their advertising policy.

2. How we use your information

• Provide search results and personalize your experience (signed-in users see their reviews, dogs, and check-ins).
• Send transactional emails: account verification, password reset, review notifications, vaccination record forwarding to premium venues.
• Improve venue classification accuracy using aggregated search and report data.
• Detect and prevent fraud or abuse (e.g., brute-force login protection).
• Process premium-venue subscriptions via Stripe.

3. Third-party services

We rely on the following services. Each has its own privacy policy that governs how they handle your data:

• Google Places API + Google Maps — venue search and map display. Google Privacy Policy.
• OpenStreetMap / Nominatim — supplemental venue data + geocoding. OSMF Privacy.
• Stripe — premium subscription billing. Stripe Privacy.
• Google OAuth, Apple Sign-In, Facebook Login — single-sign-on for accounts. We receive only your email + name from these providers; they receive nothing about your activity on our site.
• Google AdSense — when active, displays one ad per page. Google uses cookies and device identifiers to serve relevant ads; details in Google’s ad policy.
• SMTP email provider — sends transactional email.
• MochaHost — hosting provider for the application and database (US-based).

4. What we don’t do

• We don’t sell your personal information.
• We don’t share your dog’s vaccination records with anyone except the premium venue you explicitly checked into.
• We don’t use your data to train AI models.
• We don’t track you across other websites.

5. Your rights

• Access — sign in and view your profile, dogs, reviews, and check-ins.
• Correction — edit your profile, dog records, and reviews directly in the app.
• Export — open your profile, click Edit Profile, and use the Export My Data button. We’ll generate a JSON file of everything we have on your account: profile, dogs, vaccinations, reviews, replies, and check-ins.
• Deletion — same place: Delete My Account. The action is irreversible and removes your account, dogs, vaccinations, reviews, replies, and check-ins within 30 days. Some records may remain in aggregated, anonymized form (e.g., total search counts).
• EU/UK users — under GDPR you have additional rights to portability, restriction, and objection. The Export and Delete buttons above cover portability and erasure; for anything else, write to hello@sitstayplay.app.
• California users — under CCPA you may request a copy of personal information and deletion at any time, using the buttons above or by contacting us.

6. Children

SitStayPlay is not directed at children under 13. We don’t knowingly collect information from anyone under 13. If you believe a child has created an account, email us and we’ll delete it.

7. Security

Passwords are hashed (bcrypt). Sessions use rotating tokens. The database is on a server with restricted access. We can’t guarantee absolute security, but we treat your data as if it were our own.

8. Data retention

We keep account data while your account is active. Search logs are kept up to 12 months. Cached venue data refreshes on a rolling basis. Deleted accounts are removed within 30 days.

9. Changes to this policy

If we make material changes, we’ll update the “Last updated” date at the top and post a notice on the homepage. Continued use after a change means you accept the new policy.

10. Contact

Questions, requests, or complaints: hello@sitstayplay.app.

SitStayPlay is operated by Stephen Bridges. Not affiliated with Google, OpenStreetMap, Stripe, Apple, or Facebook.