Anthesia

Legal

Privacy Policy

Effective: May 14, 2026

Anthesia LLC ("Anthesia," "we," "us," or "our") respects your privacy. This Privacy Policy describes the information we collect, how we use it, and the choices available to you when you use the websites and services operated under the Anthesia brand (the "Service"). It applies to the website at anthesia.io and to any Anthesia product that links to it, except where a product publishes its own, more specific privacy notice.

1. Summary

We are a small company and we collect as little as we reasonably can. The anthesia.io website itself does not use advertising trackers, behavioral analytics, or third-party tag managers. We do not sell personal information. Individual products may collect what they need to function (for example, an account email to issue an API key, or a coarse location to return a forecast); each product describes its specific collection below.

2. Information we collect

Website (anthesia.io)

When you visit the website, our hosting provider (Cloudflare) automatically receives certain technical information that is standard for any internet request, including your IP address, browser user agent, the page you requested, and a timestamp. This information is used by Cloudflare to deliver the site, mitigate abuse, and provide aggregate, non-personal performance metrics to us. We do not place advertising cookies or behavioral tracking scripts on the website.

PureWeather

PureWeather is designed for minimal data collection. To return a forecast, the app uses your device's location (with your permission) or a location you enter manually. Location data is used at request time and is not associated with a persistent user profile. PureWeather does not include advertising SDKs and does not sell or share user data with data brokers. Crash diagnostics, if any are collected by the underlying platform (Apple, Google), are governed by that platform's settings.

Developer APIs (MedData, Shopify Intelligence)

To issue and manage an API key, we collect your email address and (where applicable) the company name and billing details required to bill for paid plans. We log API requests for the purposes of security, abuse prevention, debugging, and rate-limit enforcement. Logs include API key identifiers, request paths, response codes, timestamps, and source IP addresses. We do not log request or response bodies beyond what is necessary for diagnostics.

Email correspondence

When you email us, we receive your message and the metadata your email provider transmits. We use email services (currently Google Workspace) to receive and reply to these messages.

3. How we use information

We use the information described above to:

  • Operate, maintain, and improve the Service;
  • Authenticate users, issue API keys, and enforce rate limits and acceptable-use policies;
  • Process payments and prevent fraud;
  • Respond to your inquiries and provide customer support;
  • Monitor for security threats and abuse;
  • Comply with legal obligations.

We do not use personal information to build advertising profiles, and we do not sell personal information.

4. Sharing of information

We share information only with service providers that help us operate the Service, and only to the extent necessary for them to provide their service. Our current providers include:

  • Cloudflare — hosting, DNS, and content delivery for the website and APIs;
  • Stripe — payment processing for paid plans;
  • Google Workspace — business email infrastructure.

We may also disclose information when required by law, valid legal process, or to protect the rights, property, or safety of Anthesia, our users, or others.

5. Data retention

We keep information only as long as needed for the purposes described in this policy. Examples:

  • Account and billing records are retained while your account is active and for up to seven (7) years afterward to satisfy tax and accounting obligations.
  • API request logs are retained for up to ninety (90) days, after which they are deleted or aggregated.
  • Email correspondence is retained for as long as it remains useful for support history, typically up to three (3) years.
  • Web server logs are retained by Cloudflare in line with their standard retention windows.

6. Your rights

Depending on where you live, you may have rights regarding your personal information, including the right to access, correct, delete, or port it, and the right to object to or restrict certain processing. These rights apply, among others, to residents of the European Economic Area, the United Kingdom, and (for California residents) under the California Consumer Privacy Act as amended.

To exercise any of these rights, email legal@anthesia.io. We will verify your identity using the email address associated with your account and respond within the timeframes required by applicable law. We do not discriminate against users for exercising their privacy rights.

7. Cookies and similar technologies

The anthesia.io website does not set advertising or analytics cookies. Our hosting provider may set strictly necessary cookies for security purposes (for example, to mitigate denial-of-service attacks); these are essential to the operation of the site and do not track users across other sites. Logged-in product dashboards, when available, will use a session cookie to maintain your session; that cookie is essential to the dashboard's function and is not used for tracking.

8. Children's privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, please contact legal@anthesia.io and we will take appropriate steps to delete it.

9. International users

Anthesia operates from the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States, which may have different data protection laws than your home jurisdiction. By using the Service, you consent to this transfer.

10. Security

We use industry-standard technical and organizational measures, including encryption in transit, access controls, and the principle of least privilege, to protect personal information. No system is perfectly secure, however, and we cannot guarantee absolute security. If you suspect a security issue, please email legal@anthesia.io.

11. Changes to this policy

We may update this Privacy Policy from time to time. The "Effective" date at the top of this page indicates when the current version took effect. For material changes, we will provide reasonable notice through the Service or by email where appropriate.

12. Contact

For questions about this Privacy Policy or to exercise your rights, contact legal@anthesia.io. Anthesia LLC is an Ohio limited liability company.