Legal
Privacy Policy
Last updated: 7/10/2026
This Privacy Policy explains how The Apothecary Os ("we", "us", "our") collects, uses, discloses, and protects your information when you use our website, account, and formulation tools (the "Service").
1. Information We Collect
We collect the following categories of information:
- Account information — name, email address, and password (stored as a secure hash) when you create an account.
- User content — formulas, notes, and other content you save to your account.
- Payment information — billing details processed by our payment provider (Stripe). We do not store full card numbers on our servers.
- Usage data — log data such as IP address, browser type, pages visited, and timestamps, collected automatically to operate and secure the Service.
- Cookies — essential cookies for authentication and session management. We do not use advertising cookies.
2. How We Use Your Information
We use your information to:
- Provide, maintain, and improve the Service;
- Authenticate you and secure your account;
- Process payments and manage subscriptions;
- Respond to support requests and communicate service updates;
- Detect, prevent, and address fraud, abuse, or security issues;
- Comply with legal obligations.
3. How We Share Information
We do not sell your personal information. We share information only with trusted service providers who help us operate the Service, including:
- Hosting and database providers;
- Authentication providers (including Google, if you sign in with Google);
- Payment processors (Stripe);
- Email delivery providers for transactional emails.
We may also disclose information if required by law, to enforce our terms, or to protect the rights, safety, or property of our users or the public.
4. Data Retention
We retain your account information and User Content for as long as your account is active. If you delete your account, we will delete or anonymize your personal information within a reasonable period, except where retention is required for legal, accounting, or security purposes.
5. Data Security
We use industry-standard administrative, technical, and physical safeguards to protect your information, including encryption in transit (TLS) and at rest, hashed passwords, and access controls. No system is perfectly secure, and we cannot guarantee absolute security.
6. Your Rights
Depending on your jurisdiction (including the EU/UK under GDPR and California under CCPA), you may have the right to access, correct, delete, port, or restrict processing of your personal information, and to object to certain uses. To exercise these rights, contact us at the email below.
7. International Transfers
Your information may be processed in countries other than the one you live in. Where required, we rely on appropriate safeguards such as standard contractual clauses to protect international transfers.
8. Children's Privacy
The Service is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, where appropriate, notify you through the Service. Your continued use of the Service after the changes take effect constitutes your acceptance of the revised policy.
10. Contact
Questions or requests about your privacy? Reach us at info@theapothecaryos.com.
This policy is provided as a general template and does not constitute legal advice. You should have it reviewed by qualified counsel before relying on it for compliance purposes.