Ari's Apothecary

Privacy Policy

Last updated: February 14, 2026

1. Data Controller

Ari's Apothecary is responsible for determining how your personal information is used on this website. If you have privacy questions or requests, contact us at support@arisapothecary.com.

2. Information We Collect

We collect information in the following categories:

  • Account data: email address, username, and authentication/session data when you sign up or log in.
  • User content: deck data, profile information, and content you choose to publish.
  • Technical and security data: IP address, user-agent, request timestamps, and related logs.
  • Usage analytics data: aggregated page and interaction analytics from Umami.

3. Where Information Comes From

  • Directly from you (for example when creating an account or editing decks).
  • Automatically from your device and browser when using the site.
  • From service providers that process data on our behalf.

4. Why We Use Information

  • To provide account, deck builder, and community features.
  • To operate, maintain, and secure the website.
  • To detect abuse and enforce rate limits/security controls.
  • To improve product quality and user experience through aggregate analytics.

We do not sell your personal information and do not use your data for cross-site behavioral advertising. We may share aggregated or de-identified analytics that cannot reasonably identify you.

5. Service Providers

We use trusted processors to run the site:

  • Supabase: authentication and database infrastructure.
  • Umami: privacy-focused website analytics.
  • Vercel: hosting, edge delivery, and runtime infrastructure.

These providers process data under their own terms and privacy policies, and as processors for our services where applicable.

6. Cookies and Similar Technologies

We only use essential cookies required for authentication, security, and core functionality on the site. The analytics prover we use, Umami, is cookieless, does not track users across websites, GDPR and CCPR compliant, privacy focused, and does not sell your data.

7. Data Retention

We retain data based on purpose and necessity:

  • Account and user content data: retained while your account is active.
  • Operational/security logs: retained only as long as needed for security and reliability.
  • Analytics data: retained in aggregated form as provided by our analytics service settings.

We may retain certain data longer when legally required.

8. Your Privacy Rights

Depending on your location, you may have rights to:

  • Access personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Object to or restrict certain processing.
  • Request portability of eligible data.

To exercise these rights, email support@arisapothecary.com.

9. International Data Transfers

Your information may be processed in countries other than your own depending on infrastructure and service providers. Where required, we rely on appropriate legal safeguards for international transfers.

10. Data Security

We use reasonable technical and organizational measures to protect personal information. No online system is completely secure, and we cannot guarantee absolute security.

11. Children's Privacy

This site is not intended for children under 13, and we do not knowingly collect personal data from children under 13.

12. Policy Updates

We may update this policy periodically. Changes are posted on this page and reflected by the updated date at the top.