Effective Date: 4/16/2026] | Last Updated: 4/16/2026
1. Introduction
Nest Veterinary Inc. ("Nest," "we," "us," or "our") provides a membership management, payment processing, and care plan administration platform (the "Nest Service" or "Platform") to veterinary care providers and their affiliated hospital networks ("Customer Hospitals" or "Customers"). Through our Platform, Customer Hospitals offer and manage care plans for pet owners ("Pet Parents" or "Members") and their pets.
This Privacy Policy describes how we collect, use, disclose, and protect information in connection with the Nest Service. It applies to all users of and visitors to our Platform, including Pet Parents who enroll in care plans, Customer Hospital personnel who access the Platform ("Authorized Users"), and visitors to our website at www.nestveterinary.com (the "Website").
Nest operates as a technology and services platform on behalf of Customer Hospitals. In most cases, the Customer Hospital is the entity that determines the purposes and means of processing Pet Parent data, and Nest processes that data on the Customer Hospital's behalf. This Privacy Policy describes Nest's data practices in its capacity as both a service provider to Customer Hospitals and, where applicable, as an independent data controller.
By using the Nest Service, enrolling in a care plan, or visiting our Website, you acknowledge that you have read and understood this Privacy Policy.
2. Definitions
Aggregate Data means information that has been de-identified and aggregated such that it does not identify any individual Pet Parent, pet, or Customer Hospital.
Authorized User means an individual designated by a Customer Hospital to access and use the Nest Service, including veterinarians, veterinary technicians, practice managers, and other hospital staff.
Care Plan means a membership-based health and wellness plan offered by a Customer Hospital to Pet Parents through the Nest Service.
Customer Data means all data submitted to or collected through the Nest Service by or on behalf of a Customer Hospital, including Pet Parent records, patient information, and transaction history.
Customer Hospital means a veterinary practice that uses the Nest Service to offer and manage Care Plans.
Pet Parent or Member means an individual who enrolls in a Care Plan through the Nest Service.
Personal Information means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual or household.
3. Information We Collect
3.1 Information from Pet Parents
When you enroll in a Care Plan or interact with the Nest Service as a Pet Parent, we may collect:
• Contact information: name, email address, phone number, mailing address
• Account credentials: username, password, and security questions
• Payment information: credit or debit card number, expiration date, billing address, and bank account information for ACH transactions
• Pet information: pet name, species, breed, date of birth, weight, and health records related to care plan utilization
• Enrollment information: care plan selection, enrollment date, membership status, and plan history
• Transaction history: payment records, refunds, chargebacks, benefit utilization, and service history
• Communications: correspondence with Customer Hospitals or Nest regarding your membership, including support requests
• Cancellation information: reason for cancellation, documentation submitted (e.g., veterinary certificates for pet death)
3.2 Information from Customer Hospitals and Authorized Users
When a Customer Hospital subscribes to the Nest Service, we may collect:
• Business information: hospital name, address, tax identification number, and business registration details
• Authorized User information: names, email addresses, phone numbers, job titles, and login credentials of hospital personnel
• Financial information: Stripe connected account details, bank account information for fee collection and rebate payments
• Operational data: care plan structures, pricing, benefit configurations, and hospital-specific enrollment settings
• Staff attribution data: enrollment activity attributed to individual staff members in connection with Hospital Engagement Programs
3.3 Information Collected Automatically
When you access the Nest Service or our Website, we may automatically collect:
• Device and browser information: IP address, device type, operating system, browser type and version
• Usage data: pages viewed, features used, click patterns, session duration, and referring URLs
• Log data: access times, error logs, and system activity
• Cookies and similar technologies: we use cookies, pixels, and similar technologies to maintain sessions, remember preferences, and analyze usage patterns
3.4 Information from Third Parties
We may receive information from third parties, including:
• Payment processors: Stripe provides us with transaction confirmations, payment status, card updates via the card account updater service, and fraud screening results
• Customer Hospitals: hospitals provide us with pet parent information, pet records, and plan configurations necessary to administer Care Plans
• Manufacturer partners: in connection with home delivery or promotional programs, we may receive product eligibility or fulfillment information from manufacturer partners
4. How We Use Information
We use the information we collect for the following purposes:
4.1 Providing and Administering the Nest Service
• Processing Care Plan enrollments, renewals, and cancellations
• Processing and collecting membership fee payments, including retrying failed payments and updating stored payment credentials
• Managing billing, invoicing, and fee collection between Pet Parents, Customer Hospitals, and Nest
• Administering care plan benefits, tracking utilization, and managing member status
• Facilitating the migration of existing care plan members onto the Nest Platform
• Sending service-related communications, including payment confirmations, failed payment notices, renewal reminders, and account updates
4.2 Supporting Customer Hospitals
• Providing onboarding, training, and ongoing support to Customer Hospital staff
• Generating analytics, reports, and insights on enrollment, adoption, utilization, and financial performance
• Administering Hospital Engagement Programs and staff incentive programs, including tracking enrollment attribution and processing incentive payments
• Providing marketing materials and promotional support
4.3 Improving the Nest Service
• Analyzing usage patterns and trends to improve Platform functionality and user experience
• Developing new features, products, and services
• Conducting industry benchmarking using Aggregate Data
• Performing quality assurance and testing
4.4 Legal and Compliance
• Complying with applicable laws, regulations, and legal processes
• Protecting the rights, property, and safety of Nest, our Customers, Pet Parents, and the public
• Detecting, preventing, and responding to fraud, security incidents, and technical issues
• Enforcing our agreements, including our Customer Agreements and pet parent membership terms
4.5 Payment Recovery
• Retrying failed payments and updating stored payment credentials on behalf of Customer Hospitals
• Sending automated failed payment notifications and payment update requests to Pet Parents
• Suspending membership benefits during periods of outstanding balances, in accordance with the applicable membership terms
5. How We Share Information
We do not sell Personal Information. We share information only in the following circumstances:
5.1 With Customer Hospitals
We share Pet Parent and membership information with the Customer Hospital that offers the applicable Care Plan. The Customer Hospital is the seller of record for the Care Plan and uses this information to provide veterinary services and manage the care plan relationship. Customer Hospitals may have their own privacy policies that govern their use of your information.
5.2 With Service Providers (Subprocessors)
We engage third-party service providers to assist in providing the Nest Service. These providers are contractually obligated to use your information only as necessary to perform services on our behalf and in accordance with this Privacy Policy. Our service providers include:
• Stripe, Inc.: payment processing, fraud screening, card account updating, and connected account management
• Cloud infrastructure providers: hosting, data storage, and computing services
• Communication providers: email delivery, SMS messaging, and push notification services
• Analytics providers: usage analytics and performance monitoring
• Rewards platform providers: administration of staff incentive and engagement programs
5.3 With Manufacturer and Fulfillment Partners
In connection with home delivery programs or manufacturer-sponsored initiatives offered through the Nest Service, we may share limited Pet Parent and pet information (such as name, address, pet species, and product eligibility) with manufacturer partners and fulfillment pharmacies solely as necessary to process and fulfill orders. These partners are contractually required to use such information only for the purposes of fulfillment and in compliance with applicable law.
5.4 Aggregate and De-Identified Data
We may share Aggregate Data that does not identify any individual Pet Parent, pet, or Customer Hospital with third parties for any lawful purpose, including industry benchmarking, research, product development, and analytics. Aggregate Data is not subject to the restrictions of this Privacy Policy.
5.5 Legal Requirements and Protection of Rights
We may disclose information when we believe in good faith that disclosure is necessary to:
• Comply with applicable law, regulation, subpoena, court order, or legal process
• Protect the rights, property, or safety of Nest, our Customers, Pet Parents, or the public
• Detect, prevent, or address fraud, security, or technical issues
• Enforce our agreements, including our Customer Agreements and membership terms
5.6 Business Transfers
If Nest is involved in a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
6. Payment Data
All payment processing is handled by our payment processor, Stripe, Inc. Nest does not directly store full credit card numbers, CVVs, or complete bank account numbers on our servers. Payment credentials are tokenized and stored securely within the Stripe environment.
When you provide payment information in connection with a Care Plan enrollment, that information is transmitted directly to Stripe via their secure payment infrastructure. Nest receives only tokenized references, transaction confirmations, and limited card details (such as the last four digits and expiration date) necessary for account management and customer support.
Stripe's handling of payment data is subject to the Payment Card Industry Data Security Standard (PCI DSS). For more information on Stripe's security practices, please visit Stripe's privacy policy at https://stripe.com/privacy.
By enrolling in a Care Plan, you authorize Nest and Stripe to: store your tokenized payment credentials; process recurring membership fee payments; retry failed payments; automatically update stored payment credentials when updated information is provided by your card issuer (via Stripe's card account updater); and charge your payment method for any amounts owed, including cancellation balances.
7. Data Retention
We retain Personal Information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention practices include:
• Active membership data: retained for the duration of the Care Plan membership and for a reasonable period following cancellation or expiration to support account inquiries, refund processing, and dispute resolution
• Payment and transaction records: retained for a minimum of seven (7) years following the transaction date to comply with tax, accounting, and financial reporting obligations
• Customer Hospital data: retained for the duration of the Customer Agreement and for three (3) years following termination, consistent with our confidentiality obligations
• Payment recovery data: records related to failed payments, retry attempts, and account status are retained for the duration of the membership and for a reasonable period following cancellation
• Aggregate Data: retained indefinitely, as it does not identify individuals
• Website usage data: retained for up to twenty-four (24) months
When Personal Information is no longer required, we will securely delete or de-identify it in accordance with our data retention and destruction policies.
8. Data Security
We implement commercially reasonable administrative, technical, and physical safeguards designed to protect Personal Information from unauthorized access, use, alteration, and destruction. These measures include:
• Encryption of data in transit (TLS/SSL) and at rest
• Access controls limiting data access to authorized personnel on a need-to-know basis
• Regular security assessments and vulnerability testing
• Secure development practices for our Platform
• Contractual security obligations imposed on our service providers and subprocessors
• Incident response procedures for detecting, investigating, and responding to security incidents
We recognize the sensitivity of pet health information collected through the Nest Service. While veterinary data is not subject to HIPAA or equivalent federal health privacy regulations, we apply appropriate safeguards to pet health records consistent with the security practices described in this Section and with the data protection standards expected by our Customer Hospitals.
No method of transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security. If you become aware of a security incident involving your account, please contact us immediately.
9. Cookies and Tracking Technologies
We use cookies and similar technologies on our Website and Platform for the following purposes:
• Essential cookies: required for the Platform to function, including session management, authentication, and security
• Functional cookies: remember your preferences and settings to improve your experience
• Analytics cookies: help us understand how users interact with our Website and Platform, including page views, session duration, and feature usage
We do not use cookies for third-party advertising or cross-site behavioral tracking. We do not respond to "Do Not Track" browser signals, as there is no industry consensus on how to interpret these signals. However, you can manage cookies through your browser settings. Disabling cookies may affect the functionality of the Platform.
10. Your Privacy Rights
10.1 All Users
Depending on your relationship with us and applicable law, you may have the following rights:
• Access: request a copy of the Personal Information we hold about you
• Correction: request that we correct inaccurate or incomplete Personal Information
• Deletion: request that we delete your Personal Information, subject to certain exceptions
• Portability: request a copy of your data in a structured, commonly used, machine-readable format
• Opt-out of communications: unsubscribe from non-essential communications at any time using the unsubscribe link in any email or by contacting us
To exercise any of these rights, please contact us at privacy@nest.vet. We will respond to your request within the timeframe required by applicable law, and no later than forty-five (45) days from receipt. We may need to verify your identity before processing your request.
Please note that certain information is necessary for us to provide the Nest Service. If you request deletion of information required for an active Care Plan membership, we may need to cancel your membership to fulfill the request.
10.2 California Residents (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, "CCPA"), provides you with specific rights regarding your Personal Information.
Categories of Personal Information Collected: In the preceding twelve (12) months, we have collected the following categories of Personal Information:
• Identifiers (name, email, phone number, address, account credentials)
• Financial information (payment card details, bank account information, transaction history)
• Commercial information (Care Plan enrollment records, purchase history, benefit utilization)
• Internet or electronic network activity (browsing history, device information, usage data)
• Professional or employment-related information (for Authorized Users: job title, employer)
• Inferences drawn from the above categories
Sale and Sharing: Nest does not sell your Personal Information and has not sold Personal Information in the preceding twelve (12) months. Nest does not share your Personal Information for cross-context behavioral advertising.
Your CCPA Rights: In addition to the rights described in Section 10.1, California residents have the right to:
• Know what categories and specific pieces of Personal Information we have collected, the categories of sources, the business purpose for collection, and the categories of third parties with whom we share it
• Request deletion of Personal Information, subject to certain exceptions
• Opt out of the sale or sharing of Personal Information (Nest does not sell or share, so this right is already honored)
• Non-discrimination: we will not discriminate against you for exercising your CCPA rights
• Limit the use of sensitive Personal Information: to the extent we process sensitive Personal Information, we use it only for purposes authorized by the CCPA
To exercise your rights, contact us at privacy@nest.vet or call [phone number]. You may also designate an authorized agent to make a request on your behalf, subject to identity verification.
Retention: We retain each category of Personal Information for the periods described in Section 7.
10.3 Other State Privacy Laws
Residents of Virginia, Colorado, Connecticut, and other states with comprehensive privacy laws may have additional rights, including the right to access, correct, delete, and obtain a portable copy of their Personal Information, as well as the right to opt out of targeted advertising, profiling, and the sale of Personal Information. Nest does not engage in targeted advertising or profiling as defined by these laws.
To exercise your rights under any applicable state privacy law, please contact us at privacy@nest.vet. If we are unable to fulfill your request, you may have the right to appeal our decision. Instructions for submitting an appeal will be provided with our response.
10.4 Pet Parent Data Requests and Customer Hospitals
In many cases, Nest processes Pet Parent data on behalf of the Customer Hospital, which is the seller of record for the Care Plan. If you have questions about how your Customer Hospital uses your data, or if you wish to exercise your rights with respect to data controlled by the Customer Hospital, please contact the Customer Hospital directly. Nest will cooperate with Customer Hospitals to fulfill data subject requests in accordance with our Customer Agreements and applicable law.
11. Children's Privacy
The Nest Service is not directed to individuals under the age of eighteen (18). We do not knowingly collect Personal Information from children under 18. Care Plan enrollment requires the enrolling individual to certify that they are at least 18 years of age. If we learn that we have collected Personal Information from a child under 18, we will take steps to delete that information promptly. If you believe we have inadvertently collected information from a child, please contact us at privacy@nest.vet.
12. Third-Party Services and Links
The Nest Service may contain links to third-party websites or services, including payment processors, Customer Hospital websites, and manufacturer partner portals. This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party service before providing your information. Nest is not responsible for the privacy practices or content of third-party services.
13. Data Storage and Transfers
Nest is headquartered in the United States and the Nest Service is hosted on servers located in the United States. If you access the Nest Service from outside the United States, your information may be transferred to, stored in, and processed in the United States. By using the Nest Service, you consent to the transfer of your information to the United States.
14. Nest's Role as a Service Provider
With respect to Pet Parent data, Nest operates primarily as a service provider (or data processor) on behalf of Customer Hospitals. Customer Hospitals determine the purposes and means of processing Pet Parent data through the Care Plans they design and offer. Nest processes Pet Parent data in accordance with its Customer Agreements and the instructions of the applicable Customer Hospital.
Nest processes Pet Parent data on behalf of Customer Hospitals for the following purposes:
• Care Plan enrollment, administration, and cancellation
• Payment processing, billing, and collections
• Service-related communications
• Reporting and analytics provided to the Customer Hospital
• Migrating members from prior care plan systems
Nest may also process certain data as an independent controller, including for purposes of: maintaining and improving the Nest Service, generating Aggregate Data for industry benchmarking, complying with legal obligations, and protecting the security and integrity of the Platform.
Nest does not use Pet Parent Personal Information received from Customer Hospitals for purposes materially different from those disclosed in this Privacy Policy or the applicable Customer Agreement without providing notice and obtaining consent.
Nest enters into data processing agreements with Customer Hospitals that govern the processing of Customer Data, including security obligations, breach notification, subprocessor management, and data return and deletion upon termination. Customer Hospitals seeking additional information about Nest’s data processing practices may contact us at privacy@nest.vet.
15. Electronic Communications
By using the Nest Service or enrolling in a Care Plan, you consent to receive electronic communications from Nest, including service-related emails, text messages, and push notifications. These communications may include:
• Payment confirmations and receipts
• Failed payment notifications and payment update requests
• Care Plan renewal reminders and pricing notices
• Membership status updates and account alerts
• Collections notices for delinquent accounts
These service-related communications are a necessary part of the Nest Service and may not be opted out of while your membership is active. If you wish to stop receiving these communications, you may cancel your Care Plan membership in accordance with your membership terms.
To the extent Nest sends promotional or marketing communications (e.g., information about new features or services), you may opt out at any time by using the unsubscribe mechanism in the communication or by contacting us at privacy@nest.vet. Opting out of marketing communications will not affect service-related communications.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated Privacy Policy on our Website with a revised "Last Updated" date and, where required by law, by providing additional notice (such as email notification). We encourage you to review this Privacy Policy periodically. Your continued use of the Nest Service after the effective date of a revised Privacy Policy constitutes your acceptance of the changes.
17. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Nest Veterinary Inc.
2 Union St, 5th Floor
Portland, ME
Email: hello@nest.vet
If you are a California resident and wish to exercise your CCPA rights, you may also contact us by phone at 1 (360) 230-8506.
If you have an unresolved privacy concern that we have not addressed satisfactorily, you may have the right to file a complaint with your state attorney general or applicable data protection authority.
