Privacy Policy
1. Introduction
Healvet USA Inc. (“Healvet,” “Company,” “we,” “our,” or “us”) maintains this Privacy Policy to delineate the protocols for the collection, processing, and transmission of Personal Identifiable Information (PII) and electronic data via www.healvet.us(the “Website”). This policy governs data lifecycle management for users in the United States, the European Economic Area (EEA), and other jurisdictions subject to applicable data protection frameworks.
2. Data Categorization and Collection
We aggregate data through the following vectors:
2.1 User-Provisioned PII
• Legal Identity: Full name.
• Contact Vectors: Email address, telephony data.
• Logistics & Billing: Shipping and billing addresses.
• Authentication Credentials: Encrypted username/password hashes.
• Transactional Metadata: Purchase history and SKU preferences.
2.2 Automated Data Acquisition (Log Files & Telemetry)
• Networking Metadata: IP addresses, referring/exit URLs.
• Environmental Specs: Browser engine/version, device hardware identifiers.
• Session Metrics: Clickstream data, dwell time, and page-level interactions.
2.3 Financial Data Handling
Payment instrument details are handled exclusively via PCI-DSS compliant third-party gateways. Healvet does not store raw Primary Account Numbers (PAN) or CVV data on internal servers.
1. GDPR Legal Basis for Processing (EEA)
Processing of EEA data subjects is conducted under the following frameworks:
• Contractual Necessity: Fulfillment of purchase agreements.
• Statutory Obligation: Compliance with tax, accounting, and regulatory reporting.
• Legitimate Interests: Fraud mitigation, network security, and service optimization.
• Consent: Opt-in mechanisms for non-functional cookies and marketing telemetry.
1. Functional Use Cases Aggregated data is utilized for:
• Provisioning and administrative management of user accounts.
• Transactional execution and fulfillment logic.
• Deployment of critical system and order notifications.
• Security auditing and anti-fraud heuristics.
• Compliance with subpoena and statutory requirements.
1. Cookies and Tracking Mechanisms
The Website utilizes HTTP cookies and tracking pixels for session persistence, state management, and traffic analytics. Users may configure User Agent (UA) settings to reject cookies; however, this may degrade application functionality. EEA users are provided with a granular Consent Management Platform (CMP).
2. Data Dissemination
Healvet does not monetize personal data through sale. Data transfer occurs only with:
• Authorized Payment Processors (e.g., Stripe, PayPal).
• Logistics and 3PL providers for fulfillment.
• Infrastructure and managed hosting providers.
• Legal authorities pursuant to valid judicial process.
1. Data Retention Policy
Data is retained for the minimum duration required to satisfy the functional use cases outlined in Section 4, or as mandated by statutory retention periods (e.g., IRS or GDPR requirements).
2. Information Security Architecture
We employ technical and organizational measures (TOMs) to safeguard data integrity:
• Transport Layer Security (TLS/SSL) for all data in transit.
• AES-256 encryption for data at rest where applicable.
• Role-Based Access Control (RBAC) for internal data access.
• Periodic vulnerability assessments.
1. Jurisdictional Rights
9.1 CCPA/CPRA (California) Residents possess the right to:
• Disclosure: Access categories of collected data.
• Deletion: Request erasure of PII.
• Opt-Out: Prevent the "sharing" of data for cross-contextual behavioral advertising.
• Non-Discrimination: Exercise rights without service degradation.
9.2 GDPR (EEA) Data subjects possess the right to:
• Access and Portability: Receive data in a structured, machine-readable format.
• Rectification: Correct data inaccuracies.
• Erasure: The "Right to be Forgotten."
• Objection: Oppose processing based on legitimate interests.
To exercise these rights, contact: info@healvet.us
1. Cross-Border Data Transfers
Data originated outside the U.S. is transferred to and processed on U.S.-based infrastructure. These transfers are governed by Standard Contractual Clauses (SCCs) to ensure equivalent levels of protection.
2. COPPA Compliance (Children’s Privacy)
The Website is not directed at individuals under 13 (U.S.) or 16 (EU). We do not knowingly ingest PII from minors.
3. Third-Party Integrations
The Website may interface with external domains. Healvet assumes no liability for the privacy protocols of non-affiliated third-party services.
4. Policy Iterations
This policy is subject to periodic revision. Material changes will be timestamped and updated on this URI.
5. Administrative Contact
Healvet USA Inc.
Email: info@healvet.us
Address: 1206, Society Dr, Claymont, DE 19703 USA Website:www.healvet.us
6. GDPR Administrative Metadata
• Data Controller: Healvet USA Inc.
• Regulatory Oversight: EU users may file grievances with their relevant National Data Protection Authority (DPA).
