Privacy Policy
Last updated: July 3, 2026
1. Who We Are
Dreamer Labs (d/b/a "Mirenta," "we," "our," or "us") makes Mirenta, a service that runs autonomous AI agents on behalf of veterinary clinics to reactivate overdue patients. A clinic sends us its overdue recall list, and our agents follow up with each pet owner over text and phone — answering questions, offering open appointment slots, and checking back over days or weeks — until the appointment is booked and kept. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use any Mirenta website, product, or service that links to it (collectively, the "Services").
2. Scope
This Policy applies to information we collect:
- When you visit mirenta.ai or any sub-domain (the "Site");
- When your clinic engages Mirenta and we receive your practice management system's overdue/recall data;
- When you are a pet owner and our AI agents contact you by text or phone on a clinic's behalf, or you communicate with our agents;
- In email and other electronic communications between you and Mirenta; and
- Offline, if you attend a Mirenta event or contact our team.
3. Information We Collect
3.1 Information Clinics Provide Directly
| Category | Examples |
|---|---|
| Account & Contact Data | Name, email address, phone number, password (hashed), preferred authentication method |
| Clinic & Practice Data | Practice name, location(s), staff roles, service menu, appointment types, scheduling rules and availability |
| Billing Information | Payment method details processed through our payment provider; we do not store full card numbers |
| Support & Feedback | Questions, bug reports, survey responses, feature requests |
3.2 Client & Patient Data (from the Clinic's Practice Management System)
To run outreach on a clinic's behalf, we receive overdue-recall records exported or synced from the clinic's practice management system (e.g., Cornerstone, AVImark, ezyVet), which may include:
- Pet Owner (Client) Data — name, phone number, email address, communication preferences;
- Patient (Pet) Data — pet name, species/breed, and the recall reason (e.g., annual exam, vaccine, dental due), limited to what is needed to schedule the correct appointment type. Our agents are designed to keep conversations focused on scheduling and do not include detailed medical records or diagnoses in owner-facing messages;
- Appointment Data — scheduling history, kept/missed appointment status, and booking outcomes.
3.3 Information We Collect Automatically
- Conversation & Outreach Activity — text messages, call recordings/transcripts, call outcomes, response times, and scheduling actions taken by our agents and by pet owners;
- Consent & Opt-Out Records — TCPA consent status and opt-out requests, tracked per pet owner and honored immediately across all future outreach;
- Usage & Log Data — IP address, app version, feature interactions, error logs, and session metadata for clinic staff using our dashboard;
- Device Data — operating system version, device identifiers, hardware model for users of the Mirenta app;
- Cookies & Similar Technologies — on the Site. See Section 11.
3.4 Information From Third Parties
We may receive information from:
- Practice Management System Integrations — the overdue/recall and appointment data described in Section 3.2, synced per the clinic's configuration;
- Telephony & Messaging Providers — to place calls and send texts on the clinic's behalf and manage delivery, consent, and opt-out signals;
- Authentication Providers — for single sign-on where applicable;
- AI Model Providers — to power agent conversations, as described in Section 6;
- Analytics Partners — limited to pseudonymous identifiers for product analytics.
4. How We Use Your Information
We use information to:
- Provide & Maintain the Services — run the AI agents that text and call overdue patients, answer questions, offer available appointment slots, and confirm bookings;
- Schedule & Reduce No-Shows — send reminders, handle rescheduling, and follow up on missed appointments;
- Comply With Consent Rules — track and honor TCPA consent and opt-out requests, and stop outreach instantly when a pet owner opts out;
- Report Outcomes to Clinics — surface booked, kept, and missed appointment analytics back to the clinic;
- Improve & Develop Features — analyze aggregate, de-identified conversation and scheduling patterns to improve agent quality and conversion;
- Secure the Platform — prevent fraud, abuse, and unauthorized access;
- Communicate With You — send transactional emails, account and billing notices, product updates, and (with consent) marketing messages to clinic contacts;
- Comply With Legal Obligations — respond to lawful requests and enforce our Terms of Service.
4.1 Legal Bases for Processing (EEA/UK)
If you are in the European Economic Area, United Kingdom, or Switzerland, we process personal data under one or more of the following legal bases:
- Contractual Necessity (Art. 6(1)(b) GDPR)
- Legitimate Interests (Art. 6(1)(f)) — e.g., network security, service analytics
- Consent (Art. 6(1)(a)) — for optional marketing emails and non-essential cookies
- Legal Obligation (Art. 6(1)(c))
5. Client & Patient Data & the Clinic's Responsibilities
When a clinic uses Mirenta to contact its pet owners, the clinic is the data controller for that client and patient information. The clinic is responsible for:
- Having lawful authority (e.g., an existing client relationship and applicable consent) to have Mirenta's agents contact each pet owner under TCPA and other applicable law;
- Ensuring the accuracy of the recall list and appointment data it provides;
- Directing us promptly on any client request to access, correct, or delete their information.
Mirenta acts as a data processor on the clinic's behalf for client and patient data and processes it only according to the clinic's instructions and this Policy. We do not sell, rent, or use client/patient data for our own marketing purposes. Pet owners who wish to opt out of outreach may reply STOP to any text or tell an agent directly on a call — opt-outs are honored instantly and apply to all future outreach from that clinic.
6. Sharing & Disclosure
We do not sell or rent personal information. We share it only as described:
- Service Providers & Sub-processors — cloud hosting, database providers, telephony/SMS infrastructure, and analytics — all bound by confidentiality and data-processing agreements;
- Practice Management System Partners — booking confirmations and outcomes synced back to the clinic's connected system;
- AI Model Providers — conversation content is sent to the AI providers powering our agents under their data-processing terms, so agents can generate and understand responses;
- Business Transfers — in connection with a merger, acquisition, or sale of assets, after which you will receive notice;
- Legal & Compliance — to comply with subpoenas or protect rights, property, and safety.
7. Security
Key safeguards include:
- Encryption in transit (TLS 1.2+) and at rest (AES-256);
- Principle of least privilege and role-based access controls;
- Audit logs and continuous vulnerability scanning;
- Isolated storage of each clinic's client and patient data to prevent cross-account exposure.
Despite our efforts, no internet transmission or storage system is 100% secure. We encourage you to keep your credentials confidential.
8. Data Retention
We retain personal information for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law. A clinic may request deletion of its account and associated data — including recall lists, conversation history, and outcome records — at any time by contacting us. Backup archives are purged on a 35-day rolling basis.
9. Your Rights & Choices
Depending on your location, you may have the right to:
- Access, correct, or delete personal information;
- Object to or restrict processing;
- Port data to another service;
- Opt-out of marketing communications;
- Lodge a complaint with a data-protection authority.
Pet owners should generally direct these requests to their veterinary clinic, who can also route the request to us. To exercise any of these rights directly, contact us at alexander@mirenta.ai. We will verify your identity and respond within the timeframe required by law.
9.1 California Privacy Rights (CCPA/CPRA)
California residents may request information about categories of personal information we collect, disclose, or "share" for cross-context behavioral advertising and may opt-out of such sharing at any time.
10. International Data Transfers
We host our infrastructure in the United States. If you access the Services from outside the U.S., your information will be transferred to and processed in the U.S. We rely on Standard Contractual Clauses and other safeguards for data transferred from the EEA, UK, and Switzerland.
11. Cookies & Tracking Technologies
We use cookies, local storage, and similar technologies on the Site to:
- Authenticate users and maintain sessions;
- Remember preferences;
- Measure Site performance and usage;
- Support marketing campaigns (with consent).
You can manage cookie preferences through our banner or your browser settings. Disabling cookies may affect Site functionality.
12. Children's Privacy
The Services are not directed to children under 13 (or under 16 in the EEA). We do not knowingly collect personal data from minors. If you believe a child has provided us information, please contact us and we will delete it promptly.
13. Changes to This Privacy Policy
We may update this Policy periodically. We will post the revised version and update the "Last updated" date. Material changes will be notified via email or prominent notice on the Site at least 30 days before they take effect.
14. Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact us at:
Dreamer Labs (Mirenta) 548 Market Street, PMB 12345 San Francisco, CA 94104 United States
Email: alexander@mirenta.ai