Privacy Policy

Last updated: January 6, 2026

1. Information We Collect

We collect information you provide directly and information collected automatically:

Account Information

  • Name and email address
  • Company name and role
  • Payment information (processed by Stripe)

Product Information

  • Supplement label images you upload
  • Product names and claims
  • Verification results and dossiers

Usage Information

  • Log data (IP address, browser type, pages visited)
  • Device information
  • Badge impression and click data

2. How We Use Your Information

We use collected information to:

  • Provide and improve our verification services
  • Process transactions and send related information
  • Send technical notices, updates, and support messages
  • Respond to your comments and questions
  • Analyze usage patterns to improve the Service
  • Detect and prevent fraud or abuse

3. Information Sharing

We do not sell your personal information. We may share information with:

  • Service Providers: Third parties that help us operate our business (payment processing, hosting, analytics)
  • Public Directory: If you opt into the public directory, your product name, brand, and verification score will be publicly visible
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

4. Data Security

We implement appropriate technical and organizational measures to protect your information, including encryption in transit and at rest, access controls, and regular security audits. However, no method of transmission over the Internet is 100% secure.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide services. Verification dossiers are retained for the duration of your subscription plus one year. You may request deletion of your account and associated data at any time.

6. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate information
  • Delete your personal information
  • Export your data in a portable format
  • Opt out of marketing communications
  • Withdraw consent where applicable

To exercise these rights, contact us at privacy@theclinicalindex.com

7. Cookies

We use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage. You can control cookies through your browser settings, but some features may not function properly without them.

8. Third-Party Services

We use the following third-party services:

  • Supabase: Authentication and database hosting
  • Stripe: Payment processing
  • Vercel: Website hosting
  • PostHog: Product analytics
  • Sentry: Error monitoring

These services have their own privacy policies governing their use of your information.

9. Children's Privacy

Our Service is not directed to children under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us.

10. International Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in accordance with applicable law.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Your continued use after changes constitutes acceptance of the updated policy.

12. Contact Us

For questions about this Privacy Policy or our data practices, contact us at: privacy@theclinicalindex.com