Only you can see this.
Not us. Not anyone. The database is built so we literally can't.
What stays private
Your sessions, stash, ratings, wishlist, and profile sit in tables protected by per-user Row Level Security (RLS) policies in Postgres. Every read and write is scoped to your user id via auth.uid(). When the database receives a query about your sessions, it returns rows only if your JWT matches the row's owner. There is no path through the API that lets another user — or even a TerpTrack admin — read them.
What is shared
The catalog is open: strains, brands, terpenes, batches, dispensaries. That data benefits everyone, so it's readable by anyone with the public API key. You contribute by logging — your aggregated experience never enters the public catalog, only batch facts (THC%, terpene readings) that come from lab COAs or dispensary menus.
What we don't do
- We don't sell your data.
- We don't share it with brands or dispensaries.
- We don't aggregate it for "industry insights" without your explicit opt-in.
- We don't use third-party trackers (no Google Analytics, no Facebook pixel, no advertising IDs).
- We don't track minors. The service is 21+ and the signup flow includes an age gate.
What we do collect
The minimum to make the app work: your email (for sign-in), what you log (sessions, stash, ratings), and standard server logs for the few minutes needed to debug errors (then rotated). Plus Supabase's own infrastructure metrics, which are aggregate and not tied to you.
The technical promise
The honest version: privacy is a configuration, and configs can change. So the promise has to be technical, not just legal. Our private tables use an RLS pattern that scopes every query to user_id = auth.uid(), with no admin override — meaning even if our operator account is compromised, your sessions stay invisible without your JWT. The private tables are also not connected to the audit log (which is admin-readable). The catalog has full audit history; your data has none, because none of us should be reading it.
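The pattern described above, written out as an added example (not TerpTrack's actual schema or policies) together with the catalog queries an auditor could run to check it. The table public.sessions, its columns, and the policy name are assumptions; authenticated is Supabase's standard role for signed-in users.

```sql
-- Assumed schema: a private table with an owner column user_id (uuid).
-- auth.uid() is Supabase's helper returning the user id from the request's JWT.
create table if not exists public.sessions (
  id         bigint generated always as identity primary key,
  user_id    uuid not null default auth.uid(),
  logged_at  timestamptz not null default now(),
  notes      text
);

-- Without this, policies are ignored and grants alone decide access.
alter table public.sessions enable row level security;
-- Apply policies to the table owner as well (owners skip RLS by default).
alter table public.sessions force row level security;

-- One policy for all commands, granted only to signed-in users.
-- USING filters the rows that can be read, updated or deleted;
-- WITH CHECK rejects inserts and updates that would set another user's id.
create policy sessions_owner_only on public.sessions
  for all
  to authenticated
  using (user_id = auth.uid())
  with check (user_id = auth.uid());

-- Audit 1: RLS is enabled and forced on the table (both columns true).
select relname, relrowsecurity, relforcerowsecurity
from pg_class
where oid = 'public.sessions'::regclass;

-- Audit 2: every policy on the table is owner-scoped. Any additional row
-- (a policy for another role, or a qual of "true") is an override.
select policyname, roles, cmd, qual, with_check
from pg_policies
where schemaname = 'public' and tablename = 'sessions';

-- Audit 3: roles that are not subject to policies at all. Superusers and
-- roles with BYPASSRLS skip RLS, so this list should be reviewed and the
-- credentials of anything on it protected separately.
select rolname, rolsuper, rolbypassrls
from pg_roles
where rolsuper or rolbypassrls;
```

Running the three audit queries after every migration turns the "configs can change" concern into something that can be checked mechanically.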
If something changes
We'll tell you. Any change to what data we collect, how it's stored, or who can see it gets announced on this page with a clear changelog. You'll never wake up to a quietly updated privacy policy.