Privacy Policy
Rad Dad Labs LLC (“we”) respects your privacy. This policy explains what we collect, how we use it, and your rights.
What we collect
Account data: name, email, role (brand, retailer, distributor), and organization details you provide. Operational data: the barcodes, COA URLs, batch numbers, and permit details you upload. Access logs: for each public COA lookup, we record timestamp, retailer domain (from the HTTP Referer header), barcode queried, and a hash of the requesting IP. We do not store raw IPs and do not attempt to identify individual consumers.
What we do not collect
We do not parse the contents of COA PDFs. We do not collect potency, cannabinoid, pass/fail, or lab-test data from documents. We do not track consumers across sites or sell any data to third parties.
How we use it
Account and operational data is used to deliver the service. Access logs power the brand-side analytics dashboard and the audit trail. Aggregated, non-identifiable usage stats may be used to improve the product.
Sharing
We share data only as needed to operate the service: with our infrastructure providers (Supabase, Vercel) under their respective data processing agreements, and with email delivery providers (Resend) for transactional messages. We do not sell, rent, or trade personal data.
Your rights
You may export your account data, request correction, or delete your account at any time from your dashboard. Deletion removes your records within 30 days; some access logs are retained in append-only form for audit integrity.
Contact
Rad Dad Labs LLC, Baton Rouge, Louisiana · privacy@raddadlabs.com