Canilex Legal Notice and Privacy Policy
Legal
Canilex Legal Notice and Privacy Policy

Canilex Legal Notice and Privacy Policy
Version of 10 June 2026
1. Legal notice
Publisher
The Canilex services are published by:
Overworks SRL CBE: BE 0756.468.950 Résidence du Vert Marais 18 7540 Kain (Tournai) Belgium
Publication manager: Alexandre De Coster
General contact: support@canilex.com Legal contact: legal@canilex.com
Hosting
The Canilex services are mainly hosted on infrastructure operated by OVHcloud within the European Union.
2. Data controller
The controller of personal data is:
Overworks SRL CBE: BE 0756.468.950
For any question relating to data protection:
3. Services covered
This policy applies to all services operated under the Canilex brand, in particular:
- Android and iOS mobile applications;
- web applications;
- Canilex websites;
- Canilex APIs;
- authentication services;
- support services.
Main domains:
- canilex.com
- api.canilex.com
4. Data collected
Depending on the features used, Canilex may collect the following categories of data.
Account data
- email address;
- user identifier;
- settings and preferences;
- legal consents;
- authentication history;
- account security information.
Data relating to dogs
Depending on the applications used:
- name;
- breed;
- sex;
- date of birth or age;
- weight;
- health data entered by the user;
- activity data;
- tracking data.
Technical data
- IP address;
- technical identifiers;
- device type;
- operating system;
- language;
- application version;
- technical logs;
- error reports.
Payment data
Canilex never stores full bank card numbers.
Transactions are processed by specialised providers such as:
- Apple App Store;
- Google Play;
- Stripe;
- RevenueCat.
Location data
Certain features require access to the device's location.
Location data is collected only after explicit consent and only where necessary for the operation of the relevant feature.
Support data
When you contact support:
- message content;
- attachments;
- technical metadata associated with the request.
5. Purposes of processing
Data is used in order to:
- provide the Canilex services;
- authenticate users;
- synchronise data between applications;
- manage purchases and subscriptions;
- ensure account security;
- send notifications;
- respond to support requests;
- detect abuse and fraudulent activity;
- improve features;
- produce aggregated and anonymised statistics;
- comply with legal and regulatory obligations.
6. Legal bases
Processing is based in particular on:
- the performance of the contract;
- the user's consent;
- the legitimate interest of Canilex;
- compliance with legal obligations.
7. Authentication and security
Authentication relies on a proprietary Canilex infrastructure using in particular Authentik.
Canilex implements mechanisms designed to protect user accounts against unauthorised access.
8. Notifications
Canilex may send two categories of notifications:
Global Canilex notifications
Information relating to the Canilex ecosystem.
Application notifications
Information specific to a particular application.
Notifications can be disabled at any time from the system or application settings.
9. Location
Access to location is optional.
Specific consent is requested before any use of geographic data.
Certain features may be limited or unavailable without this consent.
10. Artificial intelligence
Certain features may use artificial intelligence technologies in order to:
- assist the user;
- improve certain content;
- automate certain processing;
- improve the quality of support.
Certain features may rely on third-party providers specialising in artificial intelligence. Where necessary, only the strictly required data is transmitted and appropriate contractual safeguards are implemented.
Where technically possible, this processing is carried out on infrastructure controlled by Canilex.
11. Security
Canilex applies technical and organisational measures appropriate to the sensitivity of the data processed.
These measures include in particular:
- TLS encryption of communications;
- access control;
- logging of sensitive operations;
- secure backups;
- system monitoring;
- AES-256 encryption of sensitive data at rest.
Despite these measures, no IT system can guarantee absolute security.
12. Processors
Canilex may use in particular the following providers:
- OVHcloud;
- RevenueCat;
- Stripe;
- Apple;
- Google Play;
- Mailgun;
- Firebase Cloud Messaging;
- Sentry;
- self-hosted Umami.
These providers access data only to the extent necessary to carry out their tasks.
13. International transfers
Certain providers may process data outside the European Economic Area.
Where necessary, Canilex implements the appropriate safeguards provided for by the GDPR, in particular the standard contractual clauses adopted by the European Commission.
14. Data retention
Active accounts
Data is retained for the entire duration of use of the services.
Account deletion
When a user requests the deletion of their account:
- the account is immediately deactivated;
- a deferred deletion period of thirty (30) days is applied;
- the user may cancel their request during this period.
At the end of this period:
- personal data is deleted or anonymised;
- only data necessary to comply with legal obligations is retained.
Technical logs
Technical and security logs are retained for a maximum period of twelve (12) months, unless a longer period is necessary for the establishment, exercise or defence of legal claims, or is required by a legal obligation.
Payment and billing data
Data necessary for billing and for compliance with accounting and tax obligations is retained for the applicable statutory period, namely in principle seven (7) years in Belgium.
15. Your rights
In accordance with applicable regulations, you have in particular the following rights:
- right of access;
- right to rectification;
- right to erasure;
- right to restriction;
- right to object;
- right to portability;
- right to withdraw your consent.
Any request may be sent to:
16. Minors
The Canilex services are not intended for children under thirteen (13) years of age.
In accordance with applicable Belgian regulations (Article 8 of the GDPR), where processing is based on consent, such consent can only be validly given by a minor from the age of thirteen (13). Below this age, consent must be given or authorised by the holder of parental responsibility.
If Canilex becomes aware that an account has been created by a child under thirteen (13) without the required authorisation, the data concerned is deleted as soon as possible.
17. Supervisory authority
For users located in Belgium:
Data Protection Authority Rue de la Presse 35 1000 Brussels
https://www.autoriteprotectiondonnees.be
18. Changes
Canilex may amend this policy to reflect legal, regulatory, technical or functional developments.
The applicable version is the one published and versioned within the Canilex infrastructure.
Continued use of the services after a new version is published constitutes acknowledgement of this update. Where required by law or by the nature of the changes, a new explicit acceptance may be requested.