Privacy Policy - Peptide Tech

Privacy Policy for Peptide Tech LLC

Peptide Tech LLC

1309 Coffeen Ave, Ste 14346

Sheridan, WY 82801, United States

(“Peptide Tech,” “we,” “us,” or “our”)

Effective Date: August 26, 2025

Last Updated: August 26, 2025

1. Introduction and Scope

This Privacy Policy explains how Peptide Tech LLC collects, uses, protects, and discloses your personal information when you interact with our website at peptide-tech.com (the “Site”), utilize our services, or purchase our Research-Use-Only (“RUO”) peptides and related products (“Products”).

We are committed to protecting your privacy and complying with all applicable data protection laws globally.

Who This Policy Applies To: This Policy applies to all individuals who interact with our Site or purchase our Products, regardless of location.
Compliance: We adhere to the highest standards, including the CCPA/CPRA for California residents and the GDPR, UK GDPR, and FADP for individuals in the EU, UK, and Switzerland.
Your Consent: By using the Site or purchasing our Products, you agree to the practices described in this Policy. If you do not agree, please do not use our Site or services.
Data Controller: Peptide Tech acts as the data controller for the information processed under this Policy. For questions, please contact us at legal@peptide-tech.com

2. Information We Collect

We collect only the personal information strictly necessary for our business operations, order fulfillment, compliance checks, and customer support. Personal information is any data that identifies or relates to you as an individual.

2.1 Categories of Personal Information

Category	Examples of Data Collected
Identifiers	Name, email address, phone number, postal address (billing/shipping), account username, IP address, and device IDs.
Commercial Information	Purchase history, products viewed/added to cart, and payment details (e.g., last four digits of the card, transaction ID). Full payment data is handled by secure third-party processors and is not stored by us.
Professional/Verification Data	Job title, employer/institution name, research field, or credentials needed to confirm your eligibility to purchase RUO products.
Internet & Network Activity	Browsing history on our Site, pages visited, browser type, operating system, and data collected via cookies and tracking technologies (see Section 9).
Geolocation Data	Coarse location (e.g., state or country) derived from your IP address, used primarily for tax and regional restriction compliance.
Inferences	Profiles derived from your interactions (e.g., product preferences) to improve and personalize our service offerings.

We do not intentionally collect sensitive data (such as health or genetic information) unless you voluntarily provide it in a support inquiry, in which case it is handled securely. We do not collect data from individuals under 18 years old.

2.2 Sources of Information

Directly from You: When you register, place an order, submit inquiries, or provide age/eligibility verification (e.g., government-issued ID for age 21+ checks).
Automatically: Through cookies, server logs, and tracking technologies when you browse the Site.
From Third Parties: Our payment processors, shipping carriers (e.g., UPS/FedEx), fraud detection services, and public sources for compliance screening (e.g., sanctions lists).

3. How We Use Your Information

We process your personal information for specific, legitimate business purposes:

Order Fulfillment: To process your purchase, confirm eligibility, ship Products from our facilities, manage payments, and provide comprehensive customer support.
Compliance & Verification: To verify your age (21+) and RUO eligibility, perform necessary regulatory screenings (e.g., FDA, export controls), and prevent fraud or misuse.
Site Operation & Improvement: To maintain our Site’s functionality, analyze usage patterns, personalize content, and enhance your overall user experience.
Marketing & Communications: To send essential transactional emails (e.g., order confirmations) and, only with your explicit opt-in consent, send promotional materials about similar Products. We do not sell personal information for targeted advertising without your consent.
Legal & Security Purposes: To detect and prevent fraud, enforce our Terms and Conditions, comply with legal requirements (e.g., tax reporting), and protect our systems against security threats.
Analytics & Research: To generate anonymized data for internal business insights, such as analyzing demand trends for RUO peptides.

4. Disclosure and Sharing of Information

We share your personal information only when necessary and strictly pursuant to this Policy. We do not sell your personal information in the traditional sense. However, note that under CCPA/CPRA, certain types of data sharing (e.g., with service providers for analytics) may qualify as a “sale” or “sharing” subject to your opt-out rights.

4.1 Categories of Recipients

Service Providers: Vendors who perform essential functions on our behalf, such as payment processing (Stripe), shipping (UPS/FedEx), cloud hosting, and analytics (Google Analytics). They are contractually bound to use your data only according to our instructions.
Affiliates and Successors: Within our corporate group or in connection with a merger, acquisition, or sale of assets.
Regulatory Authorities: As required by law (e.g., customs for international exports, law enforcement subpoenas, or government agencies for RUO compliance).
Professional Advisors: Auditors, lawyers, or consultants, who operate under strict confidentiality obligations.

4.2 International Transfers

Your personal information may be transferred to and processed in the United States (where we are based) or other countries globally. For our EU/UK/Swiss data subjects, we use Standard Contractual Clauses (SCCs) and other equivalent mechanisms to ensure your data is protected according to high international standards.

5. Legal Bases for Processing (GDPR/UK GDPR/FADP)

If you are a resident of the EU, UK, or Switzerland, we process your personal information based on the following legal grounds:

Contract Performance: Necessary to fulfill your order and provide the services you requested.
Legitimate Interests: Necessary for fraud prevention, security, internal analytics, and direct marketing (balanced against your fundamental rights and freedoms).
Legal Obligation: Necessary to comply with a binding legal or regulatory requirement (e.g., export controls, tax laws).
Consent: Your explicit agreement for non-essential purposes, such as certain cookies or marketing communications. You have the right to withdraw this consent at any time.

6. Your Rights

You have significant rights over your personal information, which vary based on your jurisdiction:

Jurisdiction	Key Rights
CCPA/CPRA (California)	Right to Know (data collected, used, shared); Right to Delete/Correct; Right to Opt-Out of the Sale/Sharing of data (including via Global Privacy Control signals); Right to Limit the use of Sensitive Personal Information; Right to Non-Discrimination.
GDPR/UK GDPR/FADP (EU/UK/Swiss)	Right of Access (receive a copy of your data); Right to Rectification; Right to Erasure; Right to Restriction of Processing; Right to Object; Right to Data Portability; Right to Lodge a Complaint with a supervisory authority.

How to Exercise Your Rights:

Please submit all requests via email to legal@peptidetech.co or via the contact address above. We will verify your identity (e.g., using an order number or account details) and respond within the timeframe mandated by your local law (e.g., 45 days for CCPA, one month for GDPR).

7. Data Retention and Security

Retention: We retain personal information only for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations (e.g., up to 10 years maximum for order and compliance records), or resolve disputes. Data is deleted or securely anonymized after the applicable retention period.
Security: We utilize industry-standard technical, administrative, and physical safeguards, including TLS encryption for data in transit and AES-256 encryption for data at rest. While no system is perfectly secure, we implement strong measures and conduct regular audits to protect your data. Please report any suspected breaches immediately to legal@peptidetech.co.

8. Cookies and Tracking Technologies

We use cookies and similar technologies for several reasons:

Essential Cookies: Required for the core operation and functionality of the Site (e.g., session management, shopping cart). No opt-out is available.
Performance/Analytics Cookies: Track Site usage and traffic (e.g., Google Analytics) to help us understand and improve our services. You can opt-out via your browser settings or our cookie consent banner.
Marketing Cookies: Used for personalized advertising and targeted promotions. These require your explicit consent.

You can manage your preferences at any time via our cookie banner.

9. Children’s Privacy and Policy Updates

Children’s Privacy: Our Site and Products are intended for qualified professionals aged 21+. We do not knowingly collect data from individuals under the age of 18. If we become aware of any such data, we will delete it immediately.
Changes to This Policy: We may update this Policy to reflect changes in our practices or legal requirements. Revisions will be posted on the Site with a new effective date and announced via a prominent Site notice for any material changes. Your continued use constitutes acceptance of the revised Policy.