Covepet logoCovepet
← Back to Home

Security

This page covers the current Covepet website and waitlist flow. It is intentionally specific. If a control is not described here, you should not assume it is live.

Last updated: March 7, 2026

Least data possible

The waitlist collects email, optional pet type, and limited attribution fields. It does not collect pet medical records.

Server-side handling

Waitlist submissions are validated on the server, and a honeypot field is used to reduce automated spam.

Limited vendor access

Third-party services are used only where needed to store waitlist submissions, send email, and measure site traffic.

What the site does today

  • Handles waitlist submissions through a server-side API route
  • Stores waitlist records in a managed database service
  • Sends signup and launch-related email through an email provider, if email delivery is configured
  • Uses environment variables for service credentials rather than exposing them in the client bundle
  • May use Google Analytics for basic traffic and engagement measurement if analytics is enabled

What this page does not claim

This page does not claim specific certifications, hosting regions, encryption algorithms, uptime guarantees, or monitoring practices unless they are separately documented and live in production.

If something goes wrong

If Covepet becomes aware of a security issue that materially affects submitted waitlist data, the goal is to investigate quickly, contain the issue, and notify affected users when the circumstances justify it.

Security contact

If you have a security concern, email security@covepet.com. Please do not send passwords, payment details, or other secrets over email.