Last updated: March 2026
We take the protection of our users' personal data seriously. This Privacy Policy explains what personal data we collect and how we use it when you use the BestBuddy mobile and web application (hereinafter: "application"), and how we ensure compliance with applicable data protection legislation (including the General Data Protection Regulation – GDPR and the national Personal Data Protection Act (ZVOP-2)). By agreeing to these terms or by using the application, you consent to the processing of your personal data as described below.
The controller of your personal data is BestBuddy d.o.o., Partizanska cesta 44, 4220 Škofja Loka. As the company is being established and does not yet have an assigned company registration or tax number, this data will be added to the policy when available. For data protection questions, we are available at: privacy@bestbuddy.si.
When using the BestBuddy application, we collect several types of data:
When creating an account, you provide us with basic information such as first and last name, email address, phone number, possible profile photo, address (for geographical matching of offers), and password. For Caregiver registration, we may also require identity data (e.g., scan of personal document) and proof of qualifications or verification (if required or voluntary).
Clients can enter data about their pet into their pet's profile (e.g., name, type and breed, age, gender, size, health information, behavioral characteristics, vaccination status). Caregivers enter data about the services they offer (types of care, experience, price, service location, possible limitations regarding types or sizes of animals, etc.) and can add photos (e.g., of their home or past experiences with animals).
When you make a booking, we record details of the arrangement – including the identities of the Client and Caregiver, description of the agreed service (type of service, dates and times, address of care location, possible access instructions to the home), price, any special requirements or notes, and the selected cancellation policy. We also record the date and time of booking creation and any modifications or cancellations.
Through the application, Clients and Caregivers can communicate with each other (chat messages). This communication is transmitted and stored on BestBuddy servers to enable the service (message delivery) and ensure security (e.g., for resolving possible disputes or abuse). Users are aware and agree that BestBuddy has access to the content of this communication, but will not actively monitor it except when necessary (e.g., dispute report, abuse verification).
To process payment upon booking, you will enter payment card details (cardholder name, card number, expiration date, CVC). This data is directly collected by our payment provider (Stripe) in accordance with the highest security standards (PCI-DSS). BestBuddy itself does not store complete payment card numbers on its servers – we only receive a token or transaction reference and possibly partial data (e.g., last four digits of the card, card type) to enable subsequent charges or payment identification. Caregivers enter their bank account data or linked Stripe account for receiving payments (e.g., IBAN, bank name); this data is securely stored by the payment provider.
Each time you access the application, some technical data may be automatically collected: device IP address, browser type and version (if accessing via web) or mobile application, device operating system, access time, device identifier, application crash data, etc. We may also use cookies and similar technologies to collect data about your use of our website (if using the service via web), e.g., which pages you visited, how long you stayed on certain pages, which link brought you to us, etc. Details about cookies are described in a separate notice (Cookie Policy, if available).
To enable key functionalities of the BestBuddy application, we may collect and process precise location data of the user, when the user explicitly permits this through their device and/or application settings. This includes in particular data about the current location of the device or other data that enables determination of the user's precise location.
We use precise location data for the following purposes:
We may store location data on our servers when this is necessary for service provision, managing bookings, user support, dispute resolution, abuse prevention, and for fulfilling our legitimate interests regarding security and service improvement.
If a user is registered as a Caregiver / Sitter, their precise location or location data may be shared with the Pet Owner, but only if the Caregiver gives explicit permission for this. In such cases, the location is shared only to the extent necessary for the execution or easier coordination of the care service. If the Caregiver does not give such permission, BestBuddy does not share their precise location with the Owner in this manner.
The legal basis for processing precise location data is generally:
The user can change or revoke location access permission at any time in their mobile device settings or, where available, in the application settings. In such cases, some application functionalities may not work correctly or fully.
We may receive data about users from other sources – e.g., if we enable login via social networks (Facebook, Google), we receive basic contact data from there (as you have allowed to share with login). If we conduct Caregiver background checks through an external provider (e.g., criminal record check), we receive the result of that verification (e.g., certificate of no criminal record) from a third party.
We process personal data for the following purposes:
The main purpose of data collection is to enable platform operation – this includes using identification and contact data to create accounts and profiles, connecting Clients and Caregivers based on location and needs, enabling communication between them, concluding bookings, and facilitating payments. This processing is necessary for performance of contract with the user (Article 6(1)(b) GDPR) – without this data, we cannot provide the service.
We use payment data (card tokens, amounts, transaction identifiers) to process payments for bookings, refunds for cancellations, and payouts to Caregivers. We do this based on contractual obligation (providing payment service as part of the BestBuddy service) and legal obligations (maintaining financial records, e.g., under Tax Procedure Act and accounting regulations).
We use contact data (email, phone) to send important notifications about accounts or bookings (e.g., booking confirmations, reminders, notices about changes to Terms or privacy policy). We may occasionally send you promotional messages (e.g., news about new features or special offers), but where required by law, we will obtain your consent. All non-essential communications can be declined or unsubscribed from. We may use data (including content of communications in the application) when responding to your support inquiries or when mediating disputes – this is our legitimate interest (6(1)(f) GDPR) to ensure quality support and resolve potential issues.
Technical and analytical data help us monitor application stability and security – e.g., logging IP addresses can be used to detect suspicious logins (to protect accounts), application crash data for fixing bugs. We may also use aggregated usage data for analysis of which features are most used, thus guiding further development (this represents our legitimate interest for service improvement). Where possible, we use anonymized or at least pseudonymized data for these purposes.
We may process your data to ensure BestBuddy community security – e.g., we may automatically filter messages on the platform to detect fraud, we may reject certain suspicious payments. Such processing is based on the legitimate interest of the company and users to ensure a safe environment and prevent harmful behavior, and partly on legal obligations (e.g., due diligence regarding fraud prevention).
As a company, we must retain certain data due to legal requirements – e.g., invoices and transaction records are kept in accordance with tax legislation and accounting legislation (typically 10 years). We keep records of any consents (e.g., for marketing) as required by GDPR. These processes are based on legal obligations (6(1)(c) GDPR).
Our website and application may use cookies or similar technologies to ensure functionality and analytics. Functional cookies (for login, saving settings) are loaded because they are necessary for service operation. For analytical and advertising cookies (e.g., Google Analytics), we will obtain your consent if required by law. Details about cookies are provided in a separate Cookie Policy accessible on our website.
BestBuddy does not sell or lend your personal data to third parties for their own marketing purposes. However, we share your data with other entities in the following cases:
For service provision purposes, we share certain data between Client and Caregiver. The Caregiver to whom you send an inquiry or booking will see your basic profile data and pet information you provide, as this is necessary for them to assess and accept the booking. When a booking is confirmed, the Client and Caregiver can exchange additional contacts via the application – this information must be used only for the purpose of performing the agreed service and must be kept confidential.
BestBuddy uses trusted third-party providers to facilitate service provision. This includes:
These providers act as processors on behalf of BestBuddy and may use data only in accordance with our instructions and for defined purposes.
If we conduct Caregiver verification (e.g., criminal record) through specialized companies, we provide them with the Caregiver's identification data. They then inform us of the result. Third-party verification partners are contractually obligated to process data only for this purpose and not retain it longer than necessary.
We may disclose your data if required by law or by administrative/procedural court order or other authority. We may also disclose them if reasonably necessary to assert our legal claims or defend against claims or to protect vital interests of an individual.
In case of merger, acquisition, sale of company or assets of BestBuddy, user data may be part of this business transfer. In such a case, we will notify you and ensure that the new data holder handles data in accordance with this privacy policy.
We primarily store your data within Slovenia or the European Union. If any of our processors transfers or stores data outside the EU/EEA, we will ensure that an appropriate protective mechanism is established in accordance with GDPR – for example, concluding EU standard contractual clauses, implementing additional security measures (encryption), etc.
We use reasonable and appropriate administrative, technical, and physical security measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. Among others: servers are protected with controlled access; transmission of sensitive data (e.g., payment data) is encrypted (SSL/TLS); user passwords are stored in hashed form; access to data by employees and contractual processors is limited by the "need-to-know" principle.
We retain your personal data for as long as necessary to fulfill the purposes described in this policy, unless the law requires or permits a longer retention period. For example:
When the retention period expires, we delete or anonymize data in a secure manner so that it cannot be linked to a specific person.
Under GDPR, you have several rights regarding your personal data, which we respect:
You can most easily exercise your rights by sending a request to the email address privacy@bestbuddy.si. We will respond to your request without undue delay, and at the latest within 1 month.
The BestBuddy platform is not intended for persons under 18 years of age. We do not knowingly collect personal data from children. If we discover that a minor has provided personal data without parental or guardian consent, we will delete such data as soon as possible.
We may occasionally update this policy to reflect changes in our business or legislation. When we publish changes, we will notify you with an appropriate notice in the application and update the effective date at the top of the document. Continued use of the BestBuddy service after the effective date of the updated policy means you agree to the changes.
For additional questions about privacy and data protection at BestBuddy, contact us:
BestBuddy d.o.o.
Partizanska cesta 44, 4220 Škofja Loka, Slovenia