Privacy Policy

Last updated: January 2026

Adult in Training ("we," "our," or "us") operates Microdose Tracker (microdose-tracker.com). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

1. Information We Collect

1.1 Information You Provide

We collect information you voluntarily provide when you:

Create an account: Email address, name (optional), password
Complete your profile: Age range, gender, race/ethnicity (all optional, for research purposes)
Log your experiences: Weekly tracking data including wellness metrics, comments, and dosing information
Configure settings: Timezone, reminder preferences, protocol selection

1.2 Sensitive Health-Related Data

Important Notice: The wellness metrics and substance use information you provide may constitute health-related data under certain privacy laws (including "special category data" under GDPR). By creating an account and logging your experiences, you explicitly consent to our collection and processing of this sensitive information as described in this policy.

1.3 Information Collected Automatically

When you access the Site, we may automatically collect:

IP address
Browser type and version
Device information
Pages visited and time spent
Referring website

1.4 Biometric Information

We do not collect biometric identifiers or biometric information as defined under the Illinois Biometric Information Privacy Act (BIPA), 740 ILCS 14/1 et seq. This includes fingerprints, retina or iris scans, voiceprints, scans of hand or face geometry, or any other unique biological identifiers.

2. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve our services
Create and manage your account
Send you reminder emails (if enabled)
Display your tracking history and progress
Generate anonymized, aggregate research data
Respond to your inquiries and support requests
Monitor and analyze usage patterns
Protect against unauthorized access and abuse

2.1 Legal Basis for Processing (GDPR)

If you are located in the European Economic Area, we process your personal data under the following legal bases:

Processing Activity	Legal Basis
Account creation and service delivery	Performance of contract
Reminder emails	Your consent (opt-in)
Health-related tracking data	Your explicit consent
Research and analytics (anonymized)	Legitimate interest
Security and fraud prevention	Legitimate interest
Legal compliance	Legal obligation

2.2 Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

3. Data Storage and Security

Your data is stored on secure servers. We implement appropriate technical and organizational measures to protect your personal information, including:

Encryption of data in transit (HTTPS/TLS)
Secure password hashing
Access controls and authentication
Regular security assessments

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

3.1 Data Breach Notification

Illinois Personal Information Protection Act (PIPA) Compliance: In the event of a data breach involving your personal information as defined under 815 ILCS 530/1 et seq., we will notify you in the most expedient time possible and without unreasonable delay, consistent with any measures necessary to determine the scope of the breach and restore the reasonable integrity of our data systems.

If the breach affects more than 500 Illinois residents, we will also notify the Illinois Attorney General's office as required by law.

Notification methods may include:

Written notice to your last known address
Electronic notice to your email address
Substitute notice (if the cost of notification exceeds $250,000 or more than 500,000 Illinois residents are affected), consisting of email notification, conspicuous posting on our website, and notification to major statewide media

4. Our Commitment: We Do Not Share or Sell Your Personal Data

🔒 YOUR PERSONAL DATA STAYS PRIVATE

We do not sell, trade, rent, or share your personal information (name, email address, password, or any other identifying information) with any third parties for any purpose.

Illinois Consumer Fraud and Deceptive Business Practices Act Compliance: We commit to honest and transparent data practices. We will never engage in deceptive practices regarding the collection, use, or disclosure of your personal information.

Your personal data is used solely to provide you with our services and will never be disclosed to researchers, partners, or any external parties.

5. Anonymized Data and Research Rights

5.1 How We Anonymize Data

When we process data for research and analytics purposes, we completely separate your tracking data from any personally identifiable information. Specifically:

Excluded from research data: Name, email address, password, IP address, and any other fields that could identify you
Included in research data: Only anonymized metrics (wellness scores, protocol type, substance type, dosing information) and optional demographic categories (age range, gender) — never in combination that could identify individuals

5.2 Data Ownership and License Grant

You retain ownership of your personal data (name, email, account information).

By using this service, you grant Adult in Training a perpetual, royalty-free, worldwide license to use, analyze, publish, and share your anonymized tracking data (wellness metrics, protocol information, dosing logs) for:

Research and scientific publications
Aggregate analytics and trend reports
Educational materials and articles
Improving our services
Sharing with research institutions and partners

This license applies only to de-identified data that cannot reasonably be used to identify you. We will never share data in a way that links your identity to your tracking information.

5.3 Aggregate Statistics

We may publish or share aggregate statistics derived from user data, such as:

Average improvement in wellness metrics across all users
Comparison of different protocols (Fadiman vs. Stamets, etc.)
Trends over time in the microdosing community
Demographic breakdowns (with minimum group sizes of n≥5 to prevent re-identification)

5.4 Raw Anonymized Data

We reserve the right to share raw, anonymized datasets with qualified researchers and institutions. These datasets will:

Never contain personal identifiers (name, email, IP address, etc.)
Use randomized record IDs that cannot be traced back to your account
Exclude any free-text fields that might contain personal information
Be reviewed to ensure no individual can be re-identified

6. Limited Third-Party Sharing

The only circumstances in which we share any information with third parties are:

6.1 Service Providers (Operational Only)

We use essential service providers to operate the platform:

Email delivery: Resend (receives only your email address for sending reminders). View Resend's Privacy Policy
Hosting: Infrastructure providers (have technical access but are contractually prohibited from accessing or using your data)

These providers are bound by strict data processing agreements and cannot use your data for any other purpose.

6.2 Legal Requirements

We may disclose information if required by law, court order, or governmental authority, including but not limited to requests from Illinois law enforcement or the Illinois Attorney General. We will attempt to notify you before such disclosure when legally permitted.

7. Your Rights and Choices

You have the right to:

Access: Request a copy of the personal data we hold about you
Correction: Update or correct inaccurate information via your Settings page
Deletion: Request deletion of your account and associated data
Portability: Request your data in a portable format
Opt-out: Disable reminder emails at any time in Settings
Withdraw Consent: Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time

Important: Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal.

To exercise these rights, contact us at info@adultintraining.us.

8. Cookies and Tracking

We use essential cookies to maintain your session and authentication state. These cookies are necessary for the Site to function properly. We do not use third-party tracking or advertising cookies.

9. Data Retention and Disposal

We retain your personal information for as long as your account is active or as needed to provide you services.

Retention periods:

Data Type	Retention Period
Account data	Until account deletion + 30 days
Tracking logs	Until account deletion + 30 days
Server logs (IP addresses)	90 days
Backup data	30 days after deletion from primary systems
Inactive accounts	May be deleted after 24 months of inactivity (with prior notice)

If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal purposes.

Illinois PIPA Disposal Requirements: When disposing of records containing personal information, we ensure that data is rendered unreadable and unrecoverable through secure deletion methods for electronic records, in compliance with 815 ILCS 530/40.

Anonymized, aggregate data may be retained indefinitely for research purposes.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our services, you consent to the transfer of your information to the United States.

For transfers from the EEA/UK, we rely on Standard Contractual Clauses approved by the European Commission to ensure adequate protection of your data.

12. Third-Party Links

Our Site may contain links to third-party websites, resources, or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party sites you visit.

13. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

Right to know what personal information is collected, used, shared, or sold
Right to delete personal information held by businesses
Right to opt-out of the sale of personal information (we do not sell your data)
Right to non-discrimination for exercising your privacy rights

14. Illinois Privacy Rights

If you are an Illinois resident, you are protected by several Illinois privacy laws:

14.1 Illinois Personal Information Protection Act (PIPA)

Under 815 ILCS 530/1 et seq., you have the right to be notified in the most expedient time possible and without unreasonable delay if your personal information (as defined by PIPA) is compromised in a data breach. Personal information under PIPA includes your name combined with:

Social Security number
Driver's license or state identification number
Financial account numbers with access codes
Medical information
Health insurance information
Unique biometric data

14.2 Illinois Biometric Information Privacy Act (BIPA)

We do not collect biometric identifiers or biometric information as defined under 740 ILCS 14/1 et seq. If we ever change this practice, we will:

Inform you in writing of the specific purpose and length of time for collection
Obtain your written consent before collection
Make publicly available a written policy for retention and destruction of such data

14.3 Illinois Consumer Fraud and Deceptive Business Practices Act

Under 815 ILCS 505/1 et seq., we commit to honest, transparent data practices. Violations of this Privacy Policy that constitute deceptive practices may be actionable under this Act.

15. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation, including:

Right of access to your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing
Right to withdraw consent at any time
Right to lodge a complaint with a supervisory authority

Our legal basis for processing your personal data includes your consent (including explicit consent for health-related data), performance of a contract (providing our services), and our legitimate interests in operating and improving our services.

16. UK Privacy Rights

If you are in the United Kingdom, you have similar rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. The rights and protections described in Section 15 apply equally to UK residents.

17. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Posting the new Privacy Policy on this page
Updating the "Last updated" date
Sending an email notification for significant changes (where required)

Your continued use of the Site after such changes constitutes acceptance of the updated policy.

18. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Adult in Training
785 N Water St
South Elgin, IL 60177
United States

Email: info@adultintraining.us

For complaints or inquiries related to Illinois privacy laws, you may also contact the Illinois Attorney General's Consumer Protection Division.

By using Microdose Tracker, you acknowledge that you have read and understood this Privacy Policy.