Privacy policy

LicensedPsychedelics is operated by LicensedPsychedelics, Inc. This policy describes what we collect, how we use it, and the controls you have. If you are a clinic listed in our directory, additional terms apply in our Terms.

What we collect

• Directory data: Public business listings we scrape from official registries (FDA REMS, state medical boards, OHA, DORA). This is not personal data.
• Claim and flag submissions: Name, clinic, email, phone, license number, and notes you enter into our claim form.
• Lead events: When you click a phone or website link on a provider page, we log the click with the provider slug, timestamp, referrer, and UTM parameters if present in the URL. We do not log keystrokes or session replays.
• Server logs: Standard IP address, user agent, and timestamp for every request, retained for 30 days for abuse monitoring.

What we do not collect

• We do not collect any medical history or protected health information (PHI). LicensedPsychedelics is not a covered entity under HIPAA.
• We do not use third-party advertising trackers.
• We do not sell or rent personal data to any third party.

How we use data

• To verify clinic claims against the relevant licensing authority.
• To measure directory usage (aggregate clicks per listing) for internal analytics and publisher revenue share.
• To respond to your email or submission.

Your rights

You can request export or deletion of any personal data we hold by emailing privacy@licensedpsychedelics.com. California residents have additional rights under the CCPA, which we honor for all US residents regardless of state.

Vendors

Our infrastructure runs on Netlify (hosting), Supabase (Postgres database) and Resend (transactional email). Each has its own SOC 2 program. We do not share data with any other third party.

Contact: privacy@licensedpsychedelics.com