VetGenius.AI
Language:

Privacy Policy

Last updated: 13 May 2026

1. Introduction

VetGenius is a software product of H2M.AI BV ("H2M.AI", "we", "our", "us"), a private limited company incorporated in Belgium with registered offices at Groenveldlaan 31, 1860 Meise, Belgium, registered with the Crossroads Bank for Enterprises under number BE 1022.667.337.

This Privacy Policy explains how we collect, use, share, and protect personal data when you use the VetGenius mobile application, web application, and related services (collectively, the "Services"). It applies to:

  • Veterinarians and clinic staff who use VetGenius as part of their work ("Users");
  • Pet owners and clients of veterinary clinics whose data is processed in VetGenius ("Data Subjects").

We act as a data processor on behalf of veterinary clinics for clinical and client-related data. We act as a data controller for account data of our direct Users (veterinarians and clinic staff) and for our own operational purposes such as analytics, security, and support.

2. Information We Collect

2.1 Account & Identity Information

When you create a VetGenius account we collect: full name, email address, optional phone number, clinic or organization name, role within the organization, encrypted password (we never see your plaintext password), and language and locale preferences.

2.2 Voice Recordings (Scribe & Consultation Transcription)

When you use voice-driven features such as automatic consultation note-taking, short-form audio recordings of your speech are transmitted securely to Google's Gemini API for transcription. Audio is processed in real time and is not retained by Google beyond the processing window in accordance with Google's data processing terms. Transcribed text is retained as part of the consultation note. We do not use voice recordings to train AI models.

2.3 Camera and Photo Data

When you grant camera access, VetGenius accesses your device camera to capture or select photos for consultation records. Photos are stored in encrypted cloud storage tied to your clinic's account.

2.4 Clinical and Client Data

VetGenius stores data about veterinary clinic operations on behalf of clinics, including: pet owner contact information; animal records (species, breed, weight, medical history); consultation notes, diagnoses, treatment plans; prescriptions and controlled-substance logs; invoicing and payment data; stock and inventory data. Clinics are the data controllers for this information. H2M.AI processes it on their behalf under a Data Processing Agreement.

2.5 Device and Usage Data

We automatically collect device type, OS version, app version, IP address (used for approximate, city-level location only), crash reports, diagnostic logs, and pseudonymized feature-usage analytics.

2.6 Cookies and Similar Technologies

On our website (vetgenius.ai) we use essential cookies for session management. We do not use third-party advertising or tracking cookies.

3. How We Use Your Information

  • Service delivery — providing the VetGenius application and its features.
  • Account management — authentication, password resets, customer support.
  • AI-powered features — transcription and decision-support suggestions, always under your control.
  • Communications — transactional emails about your account or service updates.
  • Security — detecting fraud, abuse, and unauthorized access.
  • Compliance — meeting legal obligations such as record-keeping for controlled substances and tax invoicing.
  • Product improvement — aggregated analytics about feature usage.

We do not sell personal data, profile you for advertising, or train external AI models on your data without explicit consent.

5. Sharing Your Information

We share personal data only with the following categories of recipients:

5.1 Sub-processors

  • Google LLC / Google Ireland Limited — Firebase Authentication, Firestore database, Cloud Storage, Gemini AI inference (transcription and decision support). Data may be processed in the EU and the United States under Standard Contractual Clauses.
  • Vercel Inc. — hosting of the vetgenius.ai marketing website. No clinical data is hosted on Vercel.
  • Transactional email providers (e.g., SendGrid, Postmark) — delivery of password resets and account notifications.

A current list of sub-processors is available upon written request to privacy@vetgenius.ai.

5.2 Within Your Clinic Organization

Other authorized users of your clinic's VetGenius workspace may access the data you create as part of shared practice operations.

5.3 Authorities and Legal Process

We may disclose personal data when required by law, court order, or to comply with regulatory obligations (for example, AFMPS audits for controlled substances).

5.4 Business Transfers

If H2M.AI undergoes a merger, acquisition, or asset sale, your information may be transferred to the successor entity, subject to this Privacy Policy.

We do not sell personal data.

6. International Data Transfers

Some of our sub-processors (notably Google) operate data centers outside the European Economic Area. When data is transferred outside the EEA, we rely on European Commission adequacy decisions where applicable, Standard Contractual Clauses (Decision 2021/914) as supplementary safeguards, and additional technical measures including encryption at rest and in transit. You may request a copy of the relevant transfer safeguards by contacting privacy@vetgenius.ai.

7. Data Retention

Data typeRetention period
Account dataWhile account active + 12 months after deletion
Clinical and client dataAs long as the clinic's account is active. Upon termination, exported within 30 days and deleted within 90 days, unless legal retention requires longer (e.g., 5 years for accounting records under Belgian law)
Audio recordingsNot stored — transcribed and discarded in real time; transcribed text is retained as part of the consultation note
BackupsUp to 35 days
System logsUp to 12 months

8. Your Rights under GDPR

Subject to applicable law, you have the right to:

  • Access your personal data (Art. 15)
  • Rectify inaccurate data (Art. 16)
  • Erasure — the right to be forgotten (Art. 17)
  • Restrict processing (Art. 18)
  • Portability — receive a copy of your data in a structured format (Art. 20)
  • Object to processing based on legitimate interests (Art. 21)
  • Withdraw consent at any time, where consent is the legal basis
  • Lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de Protection des Données) at www.gegevensbeschermingsautoriteit.be

To exercise any of these rights, email privacy@vetgenius.ai. We will respond within 30 days. If you are a pet owner whose data is held in a clinic's VetGenius workspace, please contact your veterinary clinic first — they are the data controller for that data.

9. Security

We protect personal data with technical and organizational measures including TLS 1.2+ encryption in transit, AES-256 encryption at rest, role-based access controls, multi-factor authentication for staff with administrative access, regular security reviews and dependency patching, and incident response procedures. In the event of a personal data breach, we will notify affected parties and the supervisory authority within 72 hours where required by Article 33 GDPR.

10. Children's Privacy

VetGenius is intended for use by adult veterinary professionals and adult clients of veterinary clinics. We do not knowingly collect personal data from individuals under 16 years of age.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified by email and via in-app notification at least 30 days before they take effect. The "Last updated" date at the top reflects the most recent change.

12. Contact

For questions about this Privacy Policy, to exercise your rights, or to file a complaint:

H2M.AI BV
Groenveldlaan 31
1860 Meise
Belgium
VAT: BE 1022.667.337

Email: privacy@vetgenius.ai