1. Who We Are

Vetos is a software company that develops and licenses veterinary clinic management software to veterinary clinics and practitioners. We operate at thevetos.com and can be reached at info@thevetos.com.

Vetos licenses its software platform to veterinary clinics ("Clinic Operators"). Each clinic operator deploys the software on their own website (WordPress) and uses it to manage their clinic operations, client records, patient data, and billing.

2. What Is the Vetos Software

Vetos is a comprehensive veterinary clinic management system built as a WordPress plugin suite. Clinics that license Vetos get access to the following modules, each of which may process personal data:

3. Who This Policy Applies To

This Privacy Policy applies to three groups:

• Clinic Operators (Directors): Veterinary clinics and practitioners who license the Vetos software, pay for access, and deploy it on their website to manage their clinic.
• Clinic Staff: Veterinarians, receptionists, lab technicians, managers, and other staff accounts created by the clinic director within the system.
• Pet Owners / Clients: Individuals whose personal data and their pets' medical data is recorded in the system by the clinic they visit.

4. Information We Collect

The Vetos platform collects and stores the following categories of information, depending on which modules a clinic has activated:

4.1 Pet Owner / Client Information

• Full name
• Mobile phone number (used for WhatsApp notifications)
• Email address
• Residential address, city, state, and PIN code
• Any notes added by clinic staff

4.2 Pet / Animal Information

• Pet name, species, breed, sex, and reproductive status
• Date of birth or estimated age
• Weight, color, and identifying markings
• Profile photograph (if uploaded)
• Vaccination history (vaccine name, date, batch number)
• Unique system-assigned pet registration ID

4.3 Clinical / Medical Records

When a veterinarian opens a case for a pet, the system records:

• Visit date, unique Case ID, and attending veterinarian
• Chief complaint and clinical signs reported
• Physical examination findings (temperature, pulse, respiration, weight, etc.)
• Diagnosis (tentative and confirmed)
• Treatment plan, medicines prescribed, and dosage instructions
• Prescribed medications with drug name, dose, frequency, and duration
• Lab tests ordered as part of the case
• Follow-up reminder date
• Clinical photographs uploaded by the veterinarian
• Case status (Open / Under Treatment / Recovered / Deceased / etc.)

4.4 Laboratory Data

• Lab report ID, date, and time
• Test type (CBC, biochemistry, urinalysis, etc.) and individual test parameters
• Numeric results with units and reference ranges
• Lab technician's identity and verification status
• AI-generated interpretation (if AI interpretation is used)
• Uploaded images of lab slides or result documents

4.5 Indoor / Inpatient Records

• Admission and discharge dates and times
• Admitting veterinarian and ward/room assignment
• Patient condition on admission (Normal / Stable / Critical / Emergency)
• Daily treatment records and nursing notes
• Discharge condition, instructions, and outcome

4.6 Billing and Invoice Records

• Invoice ID, date, and payment status
• Itemized services rendered and medicines dispensed
• Prices, discounts, quantities, and totals
• GST registration number and applicable rates (if GST billing is enabled)
• Invoice PDF stored on the clinic's server

4.7 Certificate Records

• Certificate type (health, vaccination, fitness, travel)
• Certificate ID, issue date, and expiry date
• Pet and owner information as printed on the certificate
• Issuing veterinarian's name, license number, and digital signature
• Certificate PDF stored on the clinic's server

4.8 Staff / User Account Data

• Full name, username, and email address of each staff member
• Assigned role within the clinic (Veterinarian, Receptionist, Lab Technician, etc.)
• Password stored as a salted hash — never in plain text
• Association with the clinic director's account

4.9 AI Usage Data

• User ID and clinic director ID associated with each AI query
• Number of AI credits used and running credit balance
• Timestamp of each AI query
• Clinical data context sent to the OpenAI API (pet names, diagnoses, lab values — depending on the query)

4.10 WhatsApp Notification Data

• Mobile numbers to which WhatsApp notifications have been sent
• WhatsApp credit transaction history (credits added/deducted, balance, date)
• Blocked mobile numbers, reason for blocking, and date of blocking

4.11 Internal Messages

• Message content, sender, recipient, and timestamp
• Read/unread status

4.12 Account Switcher Credentials

• Account display name and email address
• Password stored in AES-256-CBC encrypted form

4.13 Clinic Profile Data

• Clinic name, address, contact numbers, email, and website
• Clinic logo, letterhead/casepaper templates
• Veterinarian digital signature and watermark images

5. How We Use Your Information

Information collected through the Vetos platform is used for the following purposes:

• Providing veterinary services: Maintaining complete, accurate medical histories for patients across all visits
• Generating official documents: Creating case reports, lab reports, invoices, and health/vaccination certificates in PDF format
• Sending notifications: Sending WhatsApp reminders about upcoming follow-ups, vaccination due dates, or other clinical communications (with owner consent)
• Billing and financial records: Generating invoices and maintaining payment records for services rendered, including GST compliance where applicable
• AI-assisted analysis: When the AI Assistant is used, relevant clinic data is sent to the OpenAI API to answer clinical or operational queries
• Internal communication: Enabling messaging between clinic staff and pet owners
• Access management: Managing role-based access so each staff member can only access data appropriate to their role
• System improvement: Vetos may use aggregated, anonymized usage data to improve the platform

6. Data Storage and Security

All data is stored in the clinic's own WordPress database and file system, hosted on the clinic's server. Vetos does not operate a central cloud database; each clinic's data is isolated within their own WordPress installation.

Security Measures Built Into the Software

• All form submissions and AJAX requests are protected using WordPress nonce tokens to prevent unauthorized requests
• All user inputs are sanitized before database storage
• Role-based access control ensures each user can only access the data and features relevant to their assigned role
• Account Switcher passwords are encrypted using AES-256-CBC encryption before database storage
• Staff passwords are stored as WordPress salted hashes — never as plain text
• PDF files containing clinical data are generated server-side and are not cached in the browser

7. Third-Party Services

OpenAI (AI Assistant Module)

When the AI Assistant is used in Database Mode, a structured summary of clinic data — which may include pet names, clinical values, diagnoses, and lab results — is transmitted to the OpenAI API to generate a response. In General Mode, only the staff member's typed question is sent.

Data sent to OpenAI is governed by OpenAI's Privacy Policy. Each clinic operator must configure their own OpenAI API key and accept OpenAI's terms independently.

WhatsApp Business API

Pet owner mobile numbers are transmitted to a WhatsApp Business API gateway to send automated notifications. The clinic operator is responsible for obtaining the pet owner's prior consent before sending WhatsApp messages and for complying with WhatsApp's Business Policy.

No Other Third-Party Data Sharing

Vetos does not sell, rent, or share personal data with advertising networks, data brokers, or analytics platforms. No tracking or advertising code is embedded in the Vetos software.

8. Data Sharing

Personal data processed through the Vetos platform is not shared outside the clinic except in the following circumstances:

• Third-party AI processing: As described in Section 7, when the AI Assistant is used
• WhatsApp notifications: Mobile numbers are passed to the WhatsApp API gateway to send messages
• Regulatory compliance: If a clinic is legally required to share records with a veterinary council, tax authority, or court
• Technical support: Vetos may access clinic data only if the clinic operator explicitly grants access for the purpose of diagnosing a technical issue

Within the clinic, data is accessible only to staff members according to their assigned role. A receptionist cannot access financial reports; a lab technician cannot access invoices; and so on.

9. Data Retention

Vetos software does not automatically delete data. Records remain in the system until a clinic director actively deletes them. The clinic operator is responsible for defining a data retention policy in accordance with applicable law. General guidance:

• Clinical records: Recommended 5–7 years after the last visit (varies by veterinary council regulations)
• Invoice and GST records: At least 6 years (as required by Indian GST law)
• Certificate records: Retain for the certificate's validity period or longer as required
• AI usage logs: Viewable and clearable by the clinic director from the AI Credit Manager
• WhatsApp credit logs: Retained until manually deleted by the director

10. Your Rights

Depending on applicable law (including India's Digital Personal Data Protection Act 2023), you may have the following rights regarding your personal data:

• Right to Access: Request a copy of your personal data held in the system
• Right to Correction: Request correction of inaccurate personal data
• Right to Erasure: Request deletion of your data, subject to legal retention obligations
• Right to Portability: Clinical records and invoices can be exported as PDFs upon request
• Right to Withdraw Consent: If you have consented to WhatsApp notifications, you may withdraw that consent at any time — ask the clinic to add your number to the blocked list

To exercise these rights, contact the veterinary clinic that holds your records directly. If you believe your rights have not been respected, you may also contact Vetos at info@thevetos.com.

11. Cookies and Browser Storage

The Vetos platform uses only essential WordPress authentication cookies and security nonce tokens. No advertising cookies, tracking pixels, or analytics scripts are embedded in the Vetos software. The Account Switcher module does not use browser localStorage or sessionStorage; all session state is managed server-side.

12. Children's Privacy

Vetos software is designed for veterinary clinic management. It does not knowingly collect personal data directly from children under the age of 18. Where a pet owner is a minor, the clinic operator should ensure a parent or guardian has provided appropriate consent.

13. Changes to This Policy

Vetos may update this Privacy Policy from time to time to reflect changes in our software features, business practices, or legal requirements. When we make significant changes, we will update the "Last Updated" date at the top of this page. We encourage users to review this policy periodically. Continued use of the Vetos platform after changes are posted constitutes acceptance of the updated policy.

14. Contact Us