Salome Beverage Ops LLC
Effective Date: April 8, 2026 | Last Updated: April 8, 2026
Salome Beverage Ops LLC (“Potion5,” “we,” “us,” or “our”) operates a business-to-business software platform that helps beverage manufacturers, co-packers, and brand owners generate Standard Operating Procedures, manage formulations and inventory, track production runs, and maintain regulatory records required by the U.S. Alcohol & Tobacco Tax and Trade Bureau (TTB), the U.S. Food & Drug Administration (FDA), and the FDA Food Safety Modernization Act (FSMA 204).
This Privacy Policy describes the personal information we collect, how we use and protect it, who we share it with, and the choices and rights available to you. It applies to our marketing site at potion5.com, our production application at app.potion5.com, our shared evaluation environment at demo.potion5.com, and any related APIs and services (collectively, the “Platform”).
Key points about our data practices:
If you are a California resident or a resident of another state with a comprehensive privacy law, you have specific rights described in the “Your Privacy Rights” section below.
We collect several categories of information to provide, secure, and improve the Platform and to meet our customers' regulatory recordkeeping obligations.
Account information. When you create an account through our identity provider (Clerk.dev), we receive your name, email address, and any authentication factor you choose to use (password, OAuth provider, magic link). We store a small mirror of this profile in our own database, including your display name, email, optional avatar image, and the facility you most recently used.
Organization and facility data. When your organization sets up a facility on Potion5, we collect the facility name, physical address, phone number, beverage categories produced, production scale, operating hours, timezone, default unit system, water profile, and the regulatory identifiers required for compliance recordkeeping including FDA registration number, TTB permit number and permit type, EIN, and GS1 Global Location Number (GLN).
Team member data. Customer administrators add team members to a facility for purposes such as production sign-offs, signature authority, and contact directories. For each team member we collect name, email, optional phone number, role, and optional hourly rate. Team members may also be linked to a Clerk login if they need direct access to the Platform.
Beverage formulation data. Users upload or enter proprietary beverage formulations, recipes, ingredient lists with amounts and units, ingredient supporting documents (organic certifications, endorsement letters, spec sheets, Safety Data Sheets, Technical Data Sheets), target specifications (ABV, pH, gravity, sensory targets), and packaging details. This information frequently constitutes trade secrets and is treated as confidential customer content.
Operational records. We collect production run records (batch ID, scaled recipe, target volume, equipment assignments, start/stop/pause times, actual yield, photos taken during production), Standard Operating Procedures and their version history, quality-control test results, cleaning and CIP logs, environmental readings, inventory items and lots (lot number, supplier, received date, expiration, COA, storage location), receiving records, shipping records, purchase orders, quotes, supplier contact information, and outbound Certificates of Analysis.
TTB compliance data. For facilities that use our TTB features we maintain daily records, monthly reporting periods, account transfers (for spirits), gauging measurements, tax estimates, and the form-ready PDFs of TTB Forms 5110.40, 5120.17, 5130.9, and 5130.26. These records are retained per TTB regulatory requirements and may not be deleted on request before their statutory retention period expires.
Electronic signatures. When users approve SOPs, sign off on TTB submissions, or complete production-step sign-offs, we capture a signature image (drawn through a signature pad), the signatory's name and email, the timestamp, the document signed, and the attestation text. This is required for our customers' compliance with 21 CFR Part 11 and is treated as legally significant evidence of intent to sign.
Lab Assistant conversations. The Platform includes an AI-powered Lab Assistant. Conversations include the messages you send, files you attach, the assistant's responses, the structured actions the assistant proposes for your confirmation, user feedback (thumbs up / thumbs down), and a long-term “facility memory” of preferences and instructions you ask the assistant to remember across conversations.
Marketing contact form submissions. When you fill out the contact form on potion5.com, we collect your name, work email, company name, optional job title, facility type, product line size, and any free-text message you send. This information is forwarded to our team inbox by our transactional email provider; it is not stored in the Potion5 application database.
Communications. When you contact support, send feedback, or correspond with us about the Platform, we receive the contents of those messages.
Audit trail metadata. To meet our customers' obligations under FDA 21 CFR Part 11 and the ALCOA+ data integrity framework, the Platform maintains an immutable, append-only audit trail of every change to inventory, production, and compliance records. For each change we record the table and record affected, the specific field changed, the old and new values, the team member responsible, the timestamp, an optional reason field, and the IP address and user-agent string of the request that made the change. The audit trail is required for compliance and cannot be edited or deleted until its applicable retention period expires.
Authentication and session metadata. Our identity provider (Clerk) records information about each sign-in including IP address, device, browser, and authentication method. This information is held by Clerk and is referenced by Potion5 via an opaque identifier.
Application logs. Like any web application, the Platform generates server-side logs containing request paths, response codes, error stack traces, and (for some events) the IP address of the requester. Logs are retained for a limited period for debugging, abuse prevention, and security investigations.
Lab Assistant token usage. For each conversation with the Lab Assistant we record the number of input and output tokens consumed by the underlying language model and which model tier was used. This is used for internal usage accounting and rate limiting.
Marketing form rate-limit data. Submissions to the marketing contact form are rate-limited per IP address (no more than five submissions per IP per hour) and we apply a timing check to filter automated submissions. The IP address is held in memory only for the duration of the rate-limit window and is not persisted to a database.
Identity provider. If you sign in using an OAuth provider through Clerk (for example Google, Apple, GitHub, or Microsoft), Clerk receives your profile information from that provider and shares a subset (typically email, name, and avatar) with Potion5. Your relationship with the OAuth provider is governed by that provider's own privacy policy.
No data brokers. Potion5 does not purchase or enrich account data from third-party data brokers, lead-generation databases, or advertising partners.
We use the information we collect for the following purposes, each of which is necessary to operate the Platform, fulfill our contracts with our customers, comply with our legal obligations, or pursue our limited legitimate business interests.
Service delivery. We use account information and facility data to authenticate you, route you to the correct facility, generate Standard Operating Procedures, analyze formulations for allergens and ingredient interactions, track production runs, manage inventory and lot traceability, generate TTB compliance forms and tax estimates, capture electronic signatures, and power the Lab Assistant chat.
Communications about the service. We use your email and notification preferences to send transactional messages such as batch sheets, inventory and compliance alerts, supplier purchase orders, signature requests, account notices, and responses to support inquiries.
Document export. When you export an SOP, TTB form, batch sheet, or compliance report as DOCX, PDF, Excel, or CSV, we render the requested document from your stored data and deliver it to you or to a recipient you designate.
We maintain the immutable audit trail described above to support our customers' compliance with 21 CFR Part 11 and the ALCOA+ framework. We retain TTB, FDA, and FSMA 204 records for the periods prescribed by those regulations. Audit trail entries, electronic signatures, and TTB submission PDFs are retained even after a user deletes their account, to the extent required by law and the customer's underlying compliance obligations.
We use IP addresses, user-agent strings, application logs, and (on the marketing site) the contact form rate-limit data to detect and prevent abuse, prevent unauthorized access, investigate security incidents, and enforce these terms.
We use aggregated and de-identified usage statistics to understand which features are used, identify performance problems, and prioritize product improvements. Aggregated data does not identify any individual user, organization, facility, or formulation.
Potion5 uses artificial intelligence in two places: to draft six narrative sections of generated Standard Operating Procedures, and to power an interactive Lab Assistant that can answer questions about your facility and propose actions for your confirmation. We believe in being explicit about what data is sent to the underlying language model and what is not.
Our AI features are powered by Anthropic Claude, accessed through Anthropic's commercial API. Our use of Anthropic's API is governed by Anthropic's commercial terms, which (as of the date of this Policy) provide that data submitted through the commercial API is not used by Anthropic to train its public models.
For SOP generation: ingredient names, amounts, and units; equipment names, capacities, and types; the beverage category and target specifications; and structured regulatory metadata from our internal knowledge graph. We do not send your email, phone number, payment information, or other facilities' data.
For the Lab Assistant: the conversation history within the active session, structured query results from your facility's data (formulations, runs, inventory, TTB status), files you attach, and your stored facility memory (preferences and instructions you have asked the assistant to remember).
In all cases, model requests are scoped to a single facility. The Lab Assistant cannot read another customer's data, even if both customers share the same parent organization.
Potion5 does not use customer formulations, SOPs, batch records, chat conversations, or other proprietary content to train artificial intelligence models, neither our own models nor any third party's. We do not authorize Anthropic or any other model provider to train on customer-submitted data.
AI-generated content may contain errors, omissions, or fabricated information. The six AI-generated sections of an SOP (Purpose, Scope, Definitions, Procedure, Troubleshooting, and Training Requirements) are starting points and must be reviewed and verified by a qualified individual before the SOP is finalized or used in production. The Lab Assistant's recommendations are not professional, legal, regulatory, or food-safety advice.
When the Lab Assistant proposes an action that would change your data (for example, creating a production run or updating an inventory record), the action is held as a pending proposal and is only executed after you explicitly confirm it. No significant change to your data is made automatically without a human in the loop.
Potion5 does not sell personal information and does not share personal information for advertising purposes. We share information only with the limited set of subprocessors described below, with parties you explicitly authorize, or where required by law.
We use the following third parties to deliver the Platform. Each is bound by its own published privacy policy and, where applicable, by a written data-processing agreement with Potion5.
Clerk (Clerk.dev) — authentication. Clerk hosts our user identity store, manages sessions, and brokers OAuth sign-in. Clerk receives your email, name, and authentication credentials, plus session metadata such as IP address and device.
Anthropic — language models. Anthropic processes the prompts described in the AI section above when we generate SOP sections or run a Lab Assistant conversation.
Resend — transactional email. Resend delivers the Platform's transactional emails (batch sheets, alerts, supplier purchase orders, marketing contact-form forwarding). Resend receives recipient names, addresses, message bodies, and any attachments such as PDF batch sheets.
Vercel — frontend hosting. Vercel hosts the marketing site and the SOP Engine frontend. Vercel handles HTTP traffic to those properties and records standard server logs.
Backend host. Our FastAPI backend services are hosted on a cloud platform (Railway or equivalent). The backend host handles application traffic and runs the Platform's server processes.
PostgreSQL database host. A managed PostgreSQL provider stores the structured application data described in this Policy. Data is encrypted at rest and in transit and is logically scoped to your facility.
Neo4j Aura — knowledge graph. Neo4j Aura hosts our read-only domain knowledge graph (ingredients, equipment types, regulations, process templates). It does not contain customer data.
AWS S3 / Cloudflare R2 — compliance PDF storage. We store generated TTB form PDFs and certain document attachments in Amazon S3 or an S3-compatible object store. Files are encrypted at rest.
UploadThing — file uploads. UploadThing handles browser-based file uploads (formulation uploads, document attachments). UploadThing receives the file bytes and a reference to the uploader.
Notion — internal bug reporting (optional). When enabled, Potion5's internal error reporter logs unhandled exceptions to a private Notion database to help our engineers diagnose and fix bugs. Records include the error type, stack trace, request context, and the affected facility identifier.
Information you create on the Platform is shared with other authorized users within your organization and within the specific facility, according to the role-based and facility-level access controls your organization administrator configures. Your organization administrator can view, edit, and remove team members and can grant or revoke access to facilities and features.
If you create a formulation share link to collaborate with a brand owner or co-packer outside your organization, the recipient can view (and, on request, submit data through) the share link without authenticating. You are responsible for who you send share links to. Submitters who respond to a share link provide their name and email, which we store with the resulting submission.
We may disclose information when we believe in good faith that disclosure is necessary to comply with a law, regulation, court order, subpoena, or lawful regulatory request (including a TTB or FDA inspection demand directed at a customer); to enforce these terms; to protect the rights, property, or safety of Potion5, our users, or the public; to investigate fraud or security incidents; or in connection with a corporate transaction such as a merger or acquisition (with appropriate notice).
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify an individual, an organization, or a specific formulation, for purposes such as product improvement, benchmarking, and industry research.
Under California and other state privacy laws, “sale” means disclosing personal information for monetary or other valuable consideration, and “sharing” means disclosing personal information for cross-context behavioral advertising.
Potion5 does not sell personal information and does not share personal information for cross-context behavioral advertising. We have no advertising partners, no data brokers, and no behavioral retargeting infrastructure. The Platform does not run third-party analytics scripts (such as Google Analytics, Meta Pixel, LinkedIn Insight Tag, or similar) inside the application.
We honor Global Privacy Control (GPC) signals, although the practical effect is limited because we have no “sale” or “share” activity to opt out of. If you are a California resident and would like written confirmation that no sale or share has occurred, contact us using the address in the “Contact Us” section.
Potion5 uses a small number of cookies and browser-storage technologies that are strictly necessary to operate the Platform. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.
Our identity provider, Clerk, sets a small number of secure, HttpOnly cookies that authenticate your session, prevent CSRF attacks, and keep you signed in. These cookies are required for the Platform to function and cannot be disabled while continuing to use the Platform.
The Platform stores a small amount of data in your browser's localStorage and sessionStorage to remember the facility you most recently used, alerts you have dismissed, and counters used by features such as inventory barcode scanning. This information stays on your device and is not transmitted to any third party.
The Platform does not contain Google Analytics, Meta Pixel, LinkedIn Insight Tag, Hotjar, Mixpanel, PostHog, Segment, AppNexus, The Trade Desk, or any other advertising-network or behavioral-tracking code. We do not use device fingerprinting and we do not place cookies that follow you across other websites.
Most browsers allow you to view, manage, and delete cookies and browser storage through their settings. Disabling Clerk's strictly-necessary session cookies will prevent you from signing in to the Platform.
Your privacy rights depend on where you live. The rights described below are available regardless of jurisdiction; the appeal procedures and statutory deadlines vary by state law.
Right to know. You may request the categories and specific pieces of personal information we have collected about you, the categories of sources, the purposes for which we use it, and the categories of third parties with whom we have shared it.
Right to access and portability. You may request a copy of your personal information in a portable, machine-readable format.
Right to correct. You may request that we correct inaccurate personal information we maintain about you.
Right to delete. You may request that we delete personal information we have collected from you. Important: because the Platform is used to generate regulated records, we are legally required to retain certain records (audit trail entries, electronic signatures, TTB submission PDFs, FDA and FSMA 204 records) for the periods prescribed by the applicable regulations, even if you ask us to delete them. We will delete what we can and tell you what we cannot delete and why.
Right to opt out of sale and sharing. As described above, Potion5 does not sell personal information and does not share personal information for cross-context behavioral advertising. If you would like written confirmation, request it through the contact information below.
Right against automated decision-making. The Platform does not make significant decisions about you automatically. The Lab Assistant's proposed actions are always confirmed by a human user before they are executed.
Right to non-discrimination. We will not retaliate against you for exercising any of these rights.
Right to appeal. If we decline a request, you may appeal by replying to our response. We will respond to appeals within the period required by your state's privacy law (typically 45 to 60 days).
Email. Send privacy requests to info@potion5.com with “Privacy Rights Request” in the subject line and a description of the right you wish to exercise.
Account holders. Sign in and submit your request from your account so we can verify your identity against your active session.
Authorized agents. You may designate an authorized agent to make a request on your behalf. We may require proof of authorization and may require you to verify your identity directly.
To protect your privacy, we will verify your identity before responding to a request to know, delete, or correct personal information. We will acknowledge your request promptly and respond within the period required by your state's law (typically 45 days, with one extension where permitted).
If you are a team member at a customer organization, your organization is the “controller” of the data about you that exists on the Platform. We will refer you to your organization administrator for requests that affect that data, and we will assist your administrator in fulfilling the request.
The Platform is intended only for adult business users and is not directed to children. We do not knowingly collect personal information from anyone under 13 (or 16, where required by law). If you believe a child has provided information to us, contact us at info@potion5.com and we will delete it promptly.
We implement commercially reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, use, disclosure, alteration, and destruction.
Technical safeguards include:
Administrative safeguards include documented internal policies, access controls limiting who at Potion5 can reach customer data, vetting of subprocessors, and an incident-response process.
No system is perfectly secure. We cannot guarantee absolute security and you provide information to the Platform at your own risk. If you believe your account has been compromised, contact us immediately at info@potion5.com. We will notify affected users without undue delay following discovery of any personal data breach and will comply with applicable breach-notification laws.
We retain personal information only as long as necessary to provide the Platform, fulfill our contracts with our customers, and meet our legal and regulatory obligations.
Account information. Retained while your account is active. After account closure we retain a limited record for a reasonable period to honor legal, audit, and dispute obligations.
Facility, formulation, and SOP data. Retained while your subscription is active. Versioned (immutable) records such as formulation versions and SOP versions are retained for the life of the facility's subscription, plus the longer of any statutory retention period or the wind-down period agreed in your subscription terms.
Audit trail. Retained for the period required by the applicable regulatory framework and tagged with that framework on each entry. The audit trail is immutable and cannot be edited or deleted within its retention period.
TTB records. Retained for at least five years, in accordance with 27 CFR.
FDA and FSMA 204 records. Retained for the periods required by FDA regulations and the FSMA 204 traceability rule (typically two to three years, depending on the record type).
Electronic signatures. Retained as part of the document they signed, for the same retention period as that document.
Lab Assistant conversations. Retained while your subscription is active. You may soft-delete conversations from your account; soft-deleted conversations are excluded from the assistant's context but may persist in backups for a limited time.
Marketing contact form submissions. Stored by our transactional email provider for that provider's standard period. We retain replies to your inquiry in our team inbox for as long as needed to respond.
Application logs. Retained for a limited period (typically 30 to 90 days) at our hosting providers for debugging, abuse prevention, and security investigations.
Aggregated and de-identified data. We may retain aggregated or de-identified data indefinitely because it cannot identify you.
Potion5 is based in the United States and the Platform is designed for the U.S. market. The regulatory frameworks the Platform supports (TTB, FDA, FSMA 204, 21 CFR Part 11) are U.S.-specific. Personal information collected through the Platform is processed and stored in the United States.
If you access the Platform from outside the United States, your information will be transferred to and processed in the United States, which may have data-protection laws different from those of your country. By using the Platform you consent to that transfer.
We do not currently target or market the Platform to users in the European Economic Area, the United Kingdom, or Switzerland. If you are located in one of those regions and would like to discuss your use of the Platform, please contact us before creating an account.
We operate a public evaluation environment at demo.potion5.com. The demo environment is shared, is reset on a periodic schedule, and is intended for evaluation only.
We may update this Privacy Policy from time to time to reflect changes in our practices, the Platform's features, or applicable law.
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Email: info@potion5.com
Mailing address:
Salome Beverage Ops LLC
Attn: Privacy Department
4501 Orchard Lane
Naples, Florida 34112
Last Updated: April 8, 2026
Effective Date: April 8, 2026
This Privacy Policy complements our Terms of Use and other policies governing use of the Potion5 Platform. In the event of any conflict between this Privacy Policy and another Potion5 document, this Privacy Policy governs with respect to privacy matters.