Platform Pricing Tutorials Free Tools Blog
Log in Start Free →

Privacy Policy

Last updated: June 22, 2026

Effective date: 14 June 2026 · Last updated: 14 June 2026

Mish Bioscience Pty Ltd (ABN 55 672 734 637), trading as Regulave ("we", "us", "our"), respects your privacy. This policy explains what personal information we collect, how we use and share it, how long we keep it, and your rights. It applies to the Regulave platform, websites, and services (the "Service"). For any privacy question or request, contact support@regulave.com.

1. The laws we follow

We handle personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Because we have customers in the EU and UK, where those laws apply we also handle personal data consistently with the EU General Data Protection Regulation (GDPR) and the UK GDPR / Data Protection Act 2018.

2. Information we collect

You give us:

  • Account information — name, email address, password (stored hashed), and, if you sign in with Google, your Google profile basics (name, email, profile image).
  • Content you submit — product labels and images, pasted marketing or social text, URLs, ingredient lists, and similar materials you upload for analysis, plus the results we generate from them.
  • Communications — messages you send us at support@regulave.com and related correspondence.
  • Requests — ingredients or platforms you ask us to add.

We collect automatically:

  • Usage and technical data — IP address, device and browser information, pages viewed, actions taken, and timestamps.
  • Cookies and analytics — see our Cookie Policy. Analytics (Google Analytics) only run after you consent via our cookie banner.

From third parties:

  • Payment information — payments are processed by Stripe. We receive limited details (such as a payment confirmation, card brand, and last four digits); we do not collect or store your full card number — Stripe does, under its own terms and security standards.

We do not intentionally collect sensitive information about you, and you should not upload third-party personal or sensitive data unless you are entitled to.

3. How and why we use your information, and our lawful bases

We use personal information to:

Purpose GDPR / UK GDPR lawful basis
Create and manage your account; provide the Service Performance of a contract
Process payments, credits, and subscriptions Performance of a contract
Analyse the content you submit and generate results Performance of a contract
Provide support and respond to enquiries Performance of a contract / legitimate interests
Maintain security, prevent fraud and abuse Legitimate interests
Improve and develop the Service Legitimate interests
Send service and transactional messages Performance of a contract
Send marketing communications Consent (you can withdraw at any time)
Comply with legal, tax, and accounting obligations Legal obligation

Where we rely on legitimate interests, we balance those interests against your rights.

4. How your content is processed by AI

To generate compliance results, the content you submit (such as label images, text, and ingredient lists) is processed using third-party artificial intelligence providers acting as our sub-processors, solely to generate your results. We do not authorise these providers to use your content to train their AI models, and we limit what is shared to what is needed to produce your results.

5. Who we share information with

We share personal information only with:

  • Service providers / sub-processors that help us run the Service — for example payment processing (Stripe), sign-in (Google), AI analysis providers, hosting/infrastructure, and email and analytics providers — under contracts that require them to protect your data and use it only for the services they provide to us. We maintain a current list of our sub-processors, available on request at support@regulave.com.
  • Authorities or other parties where required by law, to enforce our Terms, or to protect rights, safety, and security.
  • A successor entity in the event of a business sale, merger, or restructure, subject to this policy.

We do not sell your personal information.

6. International data transfers

We are based in Australia, and our providers may process data in other countries (including the United States). Where personal data of EU/UK individuals is transferred outside the EEA/UK, we rely on lawful transfer mechanisms such as the European Commission's Standard Contractual Clauses (and the UK addendum), or transfers to countries recognised as providing an adequate level of protection.

7. How long we keep your information (data retention)

We keep personal information only as long as needed for the purposes above:

  • Account information — for as long as your account is active, and for up to 90 days after you close it, after which it is deleted or de-identified, unless we must keep it longer by law.
  • Content you submit and results — retained while your account is active so you can access your history, and deleted (or de-identified) when your account is deleted, subject to backup rotation.
  • Billing and transaction records — retained for 7 years to meet Australian tax and financial record-keeping obligations.
  • Support communications — retained for a reasonable period to handle queries and disputes.
  • Marketing data — until you withdraw consent or unsubscribe.
  • Backups — residual copies in backups are purged on our routine backup rotation, generally within 90 days.

8. Security

We use reasonable technical and organisational measures to protect personal information, including hashing of passwords, encryption of sensitive tokens, access controls, and HTTPS. No system is perfectly secure, so we cannot guarantee absolute security. If a data breach likely to cause serious harm occurs, we will respond in line with our legal obligations, including notifying the OAIC and affected individuals where required.

9. Your rights

Depending on where you live, you may have the right to:

  • access the personal information we hold about you;
  • correct inaccurate information;
  • delete your information ("right to erasure");
  • object to or restrict certain processing;
  • withdraw consent (for example to marketing) at any time;
  • data portability — receive certain data in a portable format; and
  • complain to a regulator — in Australia, the Office of the Australian Information Commissioner (OAIC); in the EU, your local Data Protection Authority; in the UK, the Information Commissioner's Office (ICO).

To exercise any right, email support@regulave.com. We will respond within the timeframes required by law.

10. Deleting your account

You can request deletion of your account at any time by emailing support@regulave.com (or via your account settings where available). When you delete your account:

  • your access ends and your account information is deleted or de-identified within 30 days, except records we must retain by law (such as billing records);
  • the content you submitted and your results are deleted, subject to backup rotation; and
  • some anonymised, non-identifying data may be retained.

11. Cookies

We use cookies and similar technologies as described in our Cookie Policy. Non-essential cookies (including analytics) are only set after you consent via our cookie banner, and you can change your choice at any time.

12. Children

The Service is for users aged 18 and over. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us information, contact support@regulave.com and we will delete it.

13. Changes to this policy

We may update this policy from time to time. Material changes will be notified by email or an in-app notice. The "last updated" date shows the current version.

14. Contact

Privacy questions or requests: support@regulave.com Mish Bioscience Pty Ltd, 14 Jenkins St, Rosewater SA 5013, Australia.