Privacy Policy

We collect as little personal information as we can. We never store your health concerns. Here's exactly what happens when you use mychemist.ai.

1. Who we are

This Privacy Policy applies to mychemist.ai, operated by InnMotion (the "Operator"). The Operator is the privacy entity responsible for personal information collected through the Service. We comply with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

2. What we collect

(a) Concerns you submit

When you use the recommendation tool, you may select pre-defined concern tags (e.g. "sleep", "stress") and optionally type a free-text description. This text is sent to our recommendation function and on to a third-party AI provider (Anthropic) to generate a response. We do not store your concern text or AI responses on our servers. Each request is processed in memory and discarded.

(b) Safety flags you tick

If you tick safety flags (e.g. "pregnant", "on blood thinners"), these are sent with your request so we can filter unsuitable suggestions. They are not retained on our servers after the request completes.

(c) Local browser storage

Your "saved herbs" and click history are stored locally in your browser (localStorage) on your device. They are not transmitted to us. You can clear them at any time via your browser settings.

(d) Enquiry form

If you fill in the contact / enquiry form, we collect your name, email, and message so we can respond. This is used solely to reply to you and is stored in our enquiry inbox.

(e) Logs and analytics

Our hosting provider (Netlify) logs basic technical information about each request (IP address, user agent, timestamp, URL) for the purpose of operating, securing, and debugging the Service. These logs are retained per Netlify's standard policy.

3. What we do not collect

• We do not collect or store any health record, diagnosis, prescription, or sensitive health identifier.
• We do not require you to create an account.
• We do not run advertising trackers or behavioural-profiling scripts on the Service.
• We do not sell, lease, or trade your personal information to anyone.

4. Third parties we use

To operate the Service we send limited data to:

• Anthropic — your concern selections and free-text description are sent to Anthropic's Claude API to generate the recommendation response. Anthropic's terms govern that processing. We do not send your name, email, or any account identifier to Anthropic.
• Netlify — hosts the Service and its serverless functions.
• iHerb / Impact — when you click an affiliate link, the destination retailer's tracking pixel may set a cookie under their domain to attribute your purchase. This is governed by iHerb's and Impact's privacy policies, not ours.
• Google Fonts — for typography. Google may receive your IP and user agent.

5. Cookies

The Service does not set its own tracking cookies. localStorage is used purely on your device for "saved herbs" and is not a cookie. Affiliate retailers may set cookies under their own domains when you click through to them.

6. How we use your information

• To generate recommendation responses (concerns + safety flags only, in real time);
• To respond to enquiries you submit;
• To operate, secure, and improve the Service;
• To meet legal obligations.

We do not use your information for marketing without your consent.

7. Storage and security

Personal information we hold (such as enquiry form submissions) is stored on services located in Australia and the United States. We use industry-standard security measures including HTTPS, scoped access controls, and serverless isolation. No system can be guaranteed perfectly secure.

8. Data breach

If we have reasonable grounds to suspect an eligible data breach has occurred under the Notifiable Data Breaches scheme, we will assess the situation, notify affected individuals, and report to the Office of the Australian Information Commissioner (OAIC) within the required timeframe.

9. Your rights

Under the Privacy Act, you can:

• request access to personal information we hold about you;
• request correction of inaccurate information;
• request deletion of your personal information from our enquiry inbox;
• complain about how we handle your personal information.

To exercise any of these rights, use the contact form on the homepage. We will respond within 30 days.

If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner: oaic.gov.au.

10. Children

The Service is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has submitted information through the Service, contact us so we can remove it.

11. Changes

We may update this Privacy Policy from time to time. Material changes will be flagged on the Service. The "Last updated" date at the top reflects the most recent revision.

12. Contact

For privacy questions, use the contact form on the homepage and select the "Privacy" topic.