Metabolic Ledger

Privacy policy

What we collect, what we don’t, and your rights under US privacy law.

Last updated May 27, 2026

Who we are

This policy applies to https://metabolicledger.com(the “Site”), published by Metabolic Ledger Publishing LLC(the “Publisher,” “we,” or “us”). For privacy questions, contact privacy@metabolicledger.com.

What we collect

Information you give us

When you submit a form (e.g. an email opt-in), we receive the email address you provide and the identifier of the form you submitted (which lead magnet, which page).

Information collected automatically

We collect the following on every page request:

  • Server access logs — IP address, user agent, URL requested, timestamp, referring URL. Used for debugging, rate-limiting, and abuse prevention. Retained for ninety days then deleted.
  • Affiliate click logs — when you click a /go/… outbound affiliate link, we record the provider, product, timestamp, IP address, user agent, and referring page. Used for revenue attribution and to confirm the affiliate network paid us correctly. Retained for twenty-four months.
  • Privacy-respecting page analytics via Cloudflare Web Analytics. Cookie-free. No cross-site tracking. Aggregated counts of page views, country, device class, and referrer. See Cloudflare’s description for the technical detail.

What we don’t collect

We do not collect protected health information (PHI). We do not collect names, addresses, phone numbers, BMI, prescription history, dose information, or any other clinical data, unless you voluntarily include it in an email to us. We do not run third-party advertising trackers, retargeting pixels, or session-replay scripts. We do not sell or rent personal information.

Cookies

The Site sets two cookies, both first-party and both functional:

  • us-content-acknowledged — set if you confirm at the geographic interstitial that you understand the Site is for US audiences. Expires twelve months after acknowledgement.
  • email-optin-dismissed — set if you dismiss the top-bar email opt-in. Expires thirty days after dismissal.

We do not use third-party advertising cookies or any cross-site tracking cookies.

Sharing

We share data only with the providers we use to operate the Site:

  • Cloudflare — CDN, DNS, DDoS protection, privacy-respecting analytics.
  • Hostinger — VPS host (origin server).
  • Supabase — database for affiliate click logs and email opt-ins.
  • An email-service provider (Beehiiv or equivalent), once provisioned, to deliver newsletters you have opted into. We will name the provider here once selected.

We do not share personal information with affiliate partners beyond what is necessary to attribute a referral (i.e. that somebody from our Site arrived at theirs). The affiliate network handles any subsequent sign-up under its own privacy terms.

Your rights under CCPA / CPRA

If you are a California resident, you have the right to know what we hold about you, to have it deleted, to correct it, to opt out of its “sale” or “sharing” (we do neither), and to be free from discrimination for exercising these rights. The rights extend to residents of states with similar laws (Colorado, Virginia, Connecticut, Utah, and others as enacted). To exercise a right, email privacy@metabolicledger.com from the address tied to your request. We verify identity by confirming control of the email address and reply within forty-five days.

Children

The Site is not directed at children under sixteen. We do not knowingly collect data from children. If you believe we have inadvertently received information from a child, please contact us and we will delete it.

Changes

We’ll update this policy when our practices change. The Last updated date at the top of the page is authoritative. Material changes are summarised at the top of the page when they happen, and announced to the email list.

Related

See our terms of use, affiliate disclosure, and disclaimer.