Data Policy
A clear explanation of how we handle your data
Last updated: 13 January 2026
This Data Policy provides detailed information about how Go Rocco collects, processes, stores, and protects your data. It supplements our Privacy Policy with technical details about data handling.
1 Data We Collect
1.1 Data You Provide
| Data Type | Examples | Purpose |
|---|---|---|
| Account Data | Name, email, password | Authentication and communication |
| Dog Profile | Name, breed, temperament, photo | Core service functionality |
| Pet Passport | Vaccination records, vet visits | Health record management |
| User Content | Reviews, messages, photos | Community features |
1.2 Automatically Collected Data
| Data Type | Examples | Retention |
|---|---|---|
| Location Data | GPS coordinates during walks | Real-time only (not stored beyond session unless saved) |
| Device Info | Model, OS version, app version | While account active |
| Usage Analytics | Feature usage, session duration | Anonymised after 90 days |
| Crash Reports | Error logs, stack traces | 90 days |
2 Location Data: Our Approach
Location data is central to Go Rocco's functionality. Here's exactly how we handle it:
2.1 The 50-Metre Rule
- Your location is only visible to other users within 50 metres
- Users further away cannot see you, even if they're using the app
- This limit is enforced server-side and cannot be bypassed
2.2 Visibility Control
- You choose when to appear on the map ("Start Walk" / "End Walk")
- When not on an active walk, you're invisible to all users
- You can pause visibility at any time during a walk
2.3 Mutual Blocking
- If you block another user, both of you become invisible to each other
- Blocked users cannot see your profile, location, or message you
- Blocking is immediate and permanent until you unblock
2.4 Location Storage
- Real-time: Your current location is transmitted to nearby users during active walks
- Walk History: If you choose to save a walk, the route is stored in your account
- Not Shared: Historical location data is never shared with other users
- Deletion: You can delete walk history at any time
3 Data Processing and Storage
3.1 Where We Store Data
- Primary servers located in the United Kingdom
- Backup servers within the European Economic Area
- Cloud infrastructure provided by Cloudflare with ISO 27001 certification
3.2 Security Measures
- Encryption in Transit: All data transmitted using TLS 1.3
- Encryption at Rest: AES-256 encryption for stored data
- Access Control: Role-based access with multi-factor authentication
- Monitoring: 24/7 security monitoring and intrusion detection
- Auditing: Regular security audits and penetration testing
3.3 Data Processors
We use the following third-party processors:
| Service | Provider | Purpose |
|---|---|---|
| Cloud Hosting | Cloudflare Workers | Data storage and processing |
| Analytics | Privacy-focused | No personal data shared |
| Payments | Apple / Google Play | Subscription handling |
| Resend | Transactional and marketing emails |
All processors are bound by Data Processing Agreements compliant with UK GDPR.
4 Data Retention Schedule
| Data Category | Retention Period | After Deletion |
|---|---|---|
| Account Data | Until account deletion | Deleted within 30 days |
| Dog Profile | Until account deletion | Deleted within 30 days |
| Real-time Location | Duration of active walk only | Immediately cleared |
| Saved Walk History | Until you delete or close account | Deleted within 30 days |
| Messages | Until you delete or close account | Deleted within 30 days |
| Analytics (identifiable) | 90 days | Anonymised |
| Analytics (anonymised) | 2 years | Deleted |
5 Your Data Rights
Under UK GDPR, you can exercise these rights by contacting info@gorocco.com:
5.1 Data Export (Portability)
Request a copy of your data in a machine-readable format (JSON). Includes:
- Account information
- Dog profiles
- Saved walk history
- Messages
- Settings and preferences
5.2 Data Deletion
Request complete deletion of your account and associated data. You can also:
- Delete individual walks from history
- Delete specific dog profiles
- Clear message history
5.3 Response Times
- We acknowledge requests within 5 business days
- We fulfill requests within 30 days (may extend by 60 days for complex requests)
- Verification may be required for security
6 Data Breach Procedures
In the event of a personal data breach:
- We will assess the breach within 24 hours
- If required, we will notify the ICO within 72 hours
- If there is high risk to you, we will notify you without undue delay
- We will document all breaches and our response
7. Contact Our Data Team
Data Protection Queries: info@gorocco.com
Privacy Concerns: info@gorocco.com
Data Subject Requests: info@gorocco.com