Privacy Policy

Last updated: April 27, 2026

Contents

Who we are
Data we collect
Purposes of processing
Legal basis
Who we share data with
Retention period
Your rights (GDPR)
Security
Cookies and local storage
Minors
Changes
Contact

1. Who we are

gogeehaw is an all-in-one platform under development, dedicated to canine athletes, breeders and dog clubs. The site gogeehaw.com currently serves as a waitlist signup page. For any data-related question, contact [email protected].

2. Data we collect

When you sign up to the waitlist via the form:

Email address — provided voluntarily by you
IP address — captured automatically by the server (for rate-limiting and security)
Country — derived from IP (e.g. FR, CA), to understand geographic distribution
User-Agent — browser/OS info (for usage stats and debug)
Preferred language — declared by your browser (Accept-Language header)
Referrer page — where you came from, if you arrived via an external link
Timestamps — signup date and last visit

We collect no other personal data without your explicit request. No name, no postal address, no banking info.

3. Purposes of processing

Keep you informed about the gogeehaw launch
Send you a limited number of product-related emails (launch announcements, early access)
Measure interest by country / language / source to inform development
Prevent form abuse (IP-based rate-limiting)

4. Legal basis

Consent (GDPR Art. 6.1.a) — form signup constitutes explicit consent
Legitimate interest (GDPR Art. 6.1.f) — for rate-limiting (IP) and service security

No sale. No third-party sharing for marketing purposes. All transfers outside EU/Canada are governed by Standard Contractual Clauses (EU-SCC 2021/914). List last updated 2026-05-03:

Cloudflare, Inc. (United States, EU/Canada presence) — edge hosting, email storage (Cloudflare KV), cookieless Web Analytics. Policy.
Resend (United States, Standard Contractual Clauses) — welcome email after waitlist signup.

The gogeehaw application (at app.gogeehaw.com, after signup) uses additional sub-processors (Neon, Stripe, Anthropic, OpenRouter, Strava, Open-Meteo, APNs, FCM). The full list is in the application privacy policy.

6. Retention period

Email: as long as you're on the waitlist, or until you request deletion
IP, user-agent, etc.: 12 months maximum
Rate-limiting data: 60 seconds (auto-expiration)

If the waitlist is closed and the platform has been launched for more than 24 months, all data will be deleted.

7. Your rights (GDPR)

In accordance with the General Data Protection Regulation (EU 2016/679) and equivalent laws (PIPEDA Canada, CCPA California, etc.), you have the following rights:

Right of access — know what data we have on you
Right of rectification — correct inaccurate data
Right to erasure ("right to be forgotten") — request complete deletion
Right to restriction — limit processing
Right to portability — receive your data in a structured format
Right to object — object to processing based on legitimate interest
Right to withdraw consent at any time

To exercise any of these rights, email [email protected] indicating the email you signed up with. Response within 30 days max.

You also have the right to lodge a complaint with the supervisory authority of your country (CNIL in France, CAI in Quebec, ICO in the UK, etc.).

8. Security

We apply the following technical and organizational measures:

Exclusive HTTPS (TLS 1.3), HSTS, automatic Let's Encrypt certificate
Encryption at rest (Cloudflare KV)
HTTP security headers (CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy)
Input validation and sanitization
IP-based rate-limiting to prevent abuse
Anti-bot honeypot
No third-party tracking scripts (no Google Analytics, no Facebook Pixel, no third-party cookies)
Automatic infrastructure updates via Cloudflare

9. Cookies and local storage

This marketing site (gogeehaw.com) uses no cookies. We only use your browser's localStorage to remember your language preference (FR or EN) — 100% local data, never sent to our servers.

The gogeehaw application (at app.gogeehaw.com, after account creation) sets a strictly-necessary session cookie to keep you signed in. This cookie is first-party, HttpOnly, Secure, SameSite=Lax, and is never used for tracking or advertising. See the application privacy policy for details.

10. Minors

The service is intended for an adult audience. We do not knowingly collect data on people under 16. If you're a parent and suspect your child has provided information, contact us for immediate deletion.

11. Changes

This policy may evolve (notably when we launch with new features). For substantial changes, you'll be notified by email before they take effect. The "Last updated" date at the top reflects the current version.

12. Contact & data protection officer

For any question — technical support, unsubscribe, GDPR rights request, security report, press — email us at [email protected].

Pursuant to article 3.1 of the Quebec Privacy Act (Law 25), a person responsible for the protection of personal information has been designated for any matter regarding your rights, a privacy incident, or a complaint to be filed with the Commission d'accès à l'information (CAI): [email protected]. Reply within 30 days. For EU/EEA users, this same contact serves as the single point of contact under articles 27 and 38 of the GDPR.

For security reports, put SECURITY in the subject for immediate priority.