Legal
Privacy Policy
DRAFT — this document must be reviewed by qualified legal counsel before launch. Bracketed placeholders require final business information.
What we collect
- Account data: email, name, password (stored as a salted hash)
- Order data: shipping address, order contents, order history
- Formula data: the custom blends you create and save
- Communication preferences and support correspondence
What we deliberately don't collect
We do not ask for, and you should not submit, health conditions, diagnoses, medication lists, lab results, or other sensitive health information. The builder works entirely from your ingredient choices. Caution information is shown generally to everyone.
Your formulas
Your custom formulas are treated as personal purchase data. They are used to produce your orders, power your saved-blend and reorder features, and meet manufacturing traceability obligations. We do not sell your formula data.
Payments
Payments are processed by Stripe. We never see or store full card numbers; we retain only payment references needed to fulfill and refund orders.
Retention and deletion
You can request account deletion from account settings. We delete account and saved formula data on request, except records we must retain for manufacturing lot traceability, tax, and legal compliance, which are retained for the legally required period and then deleted.
Contact
[SUPPORT EMAIL] · [LEGAL ENTITY NAME] · [BUSINESS ADDRESS]
This draft must be reviewed by qualified counsel before launch, including state-specific privacy disclosures (e.g., CCPA/CPRA) as applicable.