Compliance
Last updated · May 2026
FDA position
These products have not been evaluated by the Food and Drug Administration. These products are not intended to diagnose, treat, cure, or prevent any disease.
Age requirement
Purchasers must be at least 21 years of age. Age is verified prior to entering the site and re-acknowledged at checkout.
Prohibited uses
Products may not be used in any manner that contravenes applicable federal, state, or local law. By purchasing you acknowledge sole responsibility for compliance with all such laws.
PRD §10.3 status
Every item below is either code-enforced, pending counsel review, or explicitly blocked by an outstanding client decision. This list is the source of truth for the compliance posture of the site.
Age verification on first visit
Enforced
A server-side cookie check in proxy.ts redirects every storefront request without the verification cookie to /age-verification. The date of birth is validated against the 21+ minimum. Each verification is logged to the age_verifications table with timestamp + IP.
src/proxy.ts · src/lib/compliance/age-gate.ts · src/app/age-verification/actions.ts
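The redirect decision and the 21+ date-of-birth check described in this item, as an added example (not the site's own src/proxy.ts or age-gate.ts). The cookie name age_verified, the YYYY-MM-DD input format and the UTC calendar-day comparison are assumptions.

```typescript
// Added example; not the site's code. Cookie name and date format are assumed.
const AGE_COOKIE = "age_verified"; // hypothetical cookie name
const GATE_PATH = "/age-verification";
const MIN_AGE = 21;

// Parse a strict YYYY-MM-DD string; reject impossible dates such as 2005-02-30.
function parseDob(dob: string): Date | null {
  const m = /^(\d{4})-(\d{2})-(\d{2})$/.exec(dob);
  if (!m) return null;
  const y = Number(m[1]), mo = Number(m[2]), d = Number(m[3]);
  const dt = new Date(Date.UTC(y, mo - 1, d));
  // Date.UTC rolls overflow forward (Feb 30 -> Mar 2); round-trip to detect it.
  if (dt.getUTCFullYear() !== y || dt.getUTCMonth() !== mo - 1 || dt.getUTCDate() !== d) return null;
  return dt;
}

// True only when the 21st birthday is on or before `today` (UTC calendar days).
function isOfAge(dob: string, today: Date): boolean {
  const birth = parseDob(dob);
  if (!birth) return false; // fail closed on malformed input
  const tm = today.getUTCMonth(), td = today.getUTCDate();
  let age = today.getUTCFullYear() - birth.getUTCFullYear();
  // Birthday not yet reached this year: one year younger.
  if (tm < birth.getUTCMonth() || (tm === birth.getUTCMonth() && td < birth.getUTCDate())) age -= 1;
  return age >= MIN_AGE;
}

// Read one cookie value from a raw Cookie header.
function readCookie(header: string, name: string): string | null {
  for (const part of header.split(";")) {
    const eq = part.indexOf("=");
    if (eq > 0 && part.slice(0, eq).trim() === name) return part.slice(eq + 1).trim();
  }
  return null;
}

// Gate decision for one request: null = let it through, string = redirect target.
// Presence check only, as the item describes; how the cookie value is issued
// or validated is not stated on the page.
function gateRedirect(pathname: string, cookieHeader: string): string | null {
  // The gate page itself must stay reachable, or the redirect loops forever.
  if (pathname === GATE_PATH || pathname.startsWith(GATE_PATH + "/")) return null;
  const value = readCookie(cookieHeader, AGE_COOKIE);
  return value ? null : GATE_PATH; // missing or empty cookie -> redirect
}
```
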
Terms acceptance at checkout (logged with timestamp)
Enforced
Required checkbox at checkout; timestamp + IP are stored on the orders row (terms_accepted_at, terms_accepted_ip) at order placement.
src/lib/orders/place.ts · supabase/migrations/0001_init.sql
FDA disclaimer on every PDP
Enforced
Every product detail page renders the FDA disclaimer in its 'Research Use Only' section via the shared FDA_DISCLAIMER constant.
src/lib/compliance/disclaimers.tsx · src/app/(storefront)/product/[slug]/page.tsx
Research Use Only disclaimer on every PDP
Enforced
Every product detail page renders <PDPComplianceOverlay /> in its overview section, plus the full RUO text in the disclaimer section.
src/components/product/ · src/lib/compliance/disclaimers.tsx
Footer disclaimers on every page
Enforced
Footer renders <RUODisclaimer /> + <FDADisclaimer /> + 21+ reminder. Footer is included in every storefront / account / auth layout.
src/components/layout/Footer.tsx
No medical claims (content review)
Enforced
An automated medical-claim grep runs against all source and DB product copy via `npm run audit:compliance`. It exits non-zero on un-allowlisted hits and maintains a documented allowlist for legitimate non-medical phrases (FDA quote, code comments).
scripts/compliance-audit.mjs · .compliance-allowlist.txt · package.json
Privacy policy CCPA compliant
Pending counsel
The privacy policy includes a CCPA rights section. A dedicated /legal/do-not-sell opt-out form lives at the public route required by CCPA, footer-linked from every page. Final language pending counsel.
src/app/(storefront)/legal/content.ts · src/app/(storefront)/legal/do-not-sell/
No shipping to restricted states
Blocked · open-q-6
Enforcement code is wired in three layers (client form check, server defense in placeOrder, public restricted-states module). The list is empty pending client + counsel confirmation of which states to exclude.
src/lib/compliance/restricted-states.ts · src/app/(storefront)/checkout/CheckoutForm.tsx · src/lib/orders/place.ts
Email marketing CAN-SPAM compliant
Pending counsel
Standard CAN-SPAM footer (physical address + unsubscribe URL) appended to every canned email template via canSpamFooter(). Real provider (Resend/Postmark) + double-opt-in flow lands when EMAIL_PROVIDER is set.
src/lib/compliance/marketing.ts · src/lib/email/send.ts