Security
Petverse OS Security
Last updated · 2025-12-16Clear controls and auditability that keep planning, booking, and visit updates protected.
On this page
Posture
TLS 1.2+ in transit
Data is encrypted in transit using TLS 1.2+.
Encryption at rest
Sensitive records are encrypted at rest in primary storage.
Audit logs retained 30 days
Operational audit logs are retained for 30 days for review and follow-up.
Controls
Access control
Role-based access limits visibility to teams supporting care, support, and operations.
Access reviews
Access reviews are required for elevated privileges and sensitive data access.
Auditability
Operational actions are logged to support follow-up, audits, and incident response.
Payments
Payments run through PCI-compliant processors. Petverse does not store full card numbers; card data stays with the processor.
Workflows
- Care Planner review for schedules, notes, and visit details.
- Route monitoring to support timing, handoffs, and exceptions.
- Incident reporting paths for safety follow-up and escalation.
Responsible disclosure
We welcome good-faith security research and responsible disclosure.
If you act in good faith, we will not pursue legal action.
Do not access customer data, account content, or third-party systems.
Please avoid privacy violations, social engineering, and service disruption.
Include affected URLs, clear reproduction steps, and expected versus actual behavior.
Add proof of impact where possible, without exfiltrating data.
We aim to acknowledge reports within 2 business days.
Report a security issue: petverseinc@gmail.com with subject “Security report”.