All products are for research use only. Not for human consumption, veterinary use, or food/drug applications. Must be 18+ to purchase.

Peptides.net
HomePoliciesPrivacy Policy

Last updated: March 2025

Privacy Policy

This policy explains how Peptides.net collects, uses, and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller

Peptides.net is the data controller responsible for your personal information. We are registered in England and Wales. For data protection enquiries, use the contact form on our Contact page. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe your data has been handled incorrectly.

Information We Collect

Data collected directly from you or automatically when you use our site

Account informationName and email address provided during registration
Order informationDelivery address, order contents, and order history
Payment informationProcessed securely by Stripe. We do not store card numbers, CVV codes, or full card details on our servers
CommunicationsMessages sent via our contact form and any email correspondence with our support team
Technical dataIP address, browser type, and page interaction data collected automatically when you visit the site

We collect only the data necessary to provide our service. We do not purchase or import data from third-party marketing lists, and we do not build advertising profiles from your browsing behaviour.

How We Use Your Information

  • To process, fulfil, and communicate about your orders
  • To manage your account and authenticate your identity
  • To send order confirmations, dispatch notifications, and tracking information
  • To respond to enquiries submitted via our contact form
  • To improve our website, product range, and customer experience
  • To comply with legal obligations including UK tax and accounting requirements
  • To detect and prevent fraudulent transactions
Our legal basis for processing order and account data is contract performance (Article 6(1)(b) UK GDPR). Processing for legal compliance is based on a legal obligation (Article 6(1)(c)). Processing for fraud prevention and site improvement is based on legitimate interests (Article 6(1)(f)).

Data Sharing

We do not sell, rent, or trade your personal data. We share data only with the following categories of third-party service providers, and only to the extent necessary to fulfil your order or operate our service:

Stripe

Payment processing. Stripe processes card transactions on our behalf under their own privacy policy. We do not receive or store your card details.

Royal Mail

Order delivery. Your name and delivery address are shared with Royal Mail to dispatch your order.

Hosting & Infrastructure

Our website and database are hosted on cloud infrastructure in the UK and EU with appropriate data processing agreements in place.

No personal data is transferred outside the UK or European Economic Area unless appropriate safeguards are in place under UK GDPR (such as Standard Contractual Clauses or an adequacy decision).

Cookies

We use essential cookies only. These are required for the website to function and cannot be disabled without affecting core features such as your shopping basket and account session.

Cookies we use

  • Session authentication cookie
  • Shopping basket state
  • CSRF protection token

Cookies we do not use

  • Advertising or retargeting cookies
  • Third-party analytics tracking
  • Social media tracking pixels

Data Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by law. The following general retention periods apply:

Order records and associated personal data7 years (UK tax and accounting requirements)
Account informationFor the duration of account activity, plus 12 months after last login
Contact form submissions12 months from the date of submission
Technical logs (IP addresses, access logs)90 days

You may request deletion of your account and associated data at any time by contacting us. We will action deletion requests within 30 days, subject to any legal retention obligations.

Your Rights Under UK GDPR

You have the following rights regarding your personal data

Right of access

Request a copy of the personal data we hold about you

Right to rectification

Ask us to correct any inaccurate or incomplete data

Right to erasure

Request deletion of your personal data, subject to legal retention requirements

Right to restriction

Ask us to limit how we process your data in certain circumstances

Right to portability

Receive your personal data in a structured, machine-readable format

Right to object

Object to processing of your data based on our legitimate interests

Right to withdraw consent

Where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us using the form on our Contact page. We will respond to verified requests within one calendar month. In some cases, we may need to verify your identity before we can fulfil a request.

Contact & Complaints

For any data protection enquiry or to exercise your rights, contact us via the Contact page. We aim to respond to all data-related requests within 5 business days and to resolve them within one calendar month.

If you are not satisfied with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:

Information Commissioner's Office (ICO)

ico.org.uk

Helpline: 0303 123 1113

Questions about your data?

Contact us with any data protection questions or to exercise your rights. We respond to all privacy enquiries within 5 business days.

Contact Us

Your Cart

Your cart is empty

Add some research compounds to get started.

Browse Products