Legal

Privacy Policy

Your privacy matters. Learn how we collect, use, and protect your data.

Last Updated: April 12, 2026

Privacy Policy

Dr. Peptides ("we," "us," or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, store, and disclose information when you visit our website (drpeptides.ltd), submit inquiries, or engage with our B2B wholesale peptide services.

1. Information We Collect

1.1 Information You Provide Directly

When you submit a price list request, contact form, or inquiry, we may collect:

  • Contact Information: Full name, business email address, phone number
  • Company Information: Company name, position/title, industry sector
  • Business Details: Estimated order volume, country of operation, specific product requirements
  • Communications: Content of messages, emails, or other correspondence with our team

1.2 Information Collected Automatically

When you visit our website, we automatically collect:

  • Device Information: Browser type and version, operating system, screen resolution
  • Usage Data: Pages visited, time spent on pages, referring URLs, click patterns
  • Network Information: IP address, approximate geographic location (country/region level)
  • Cookies and Tracking: Session identifiers and preference cookies (see Section 6)

2. How We Use Your Information

We process your personal data for the following purposes:

  • Service Delivery: To respond to your inquiries, provide wholesale pricing, and process orders
  • Communication: To send you requested price lists, product updates, and order status notifications
  • Business Operations: To manage our B2B relationships, including account management and customer support
  • Legal Compliance: To comply with applicable laws, regulations, and export control requirements
  • Website Improvement: To analyze usage patterns and improve our website functionality and user experience
  • Security: To detect and prevent fraud, abuse, or unauthorized access

3. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data based on the following legal grounds:

  • Consent: When you voluntarily submit a form or subscribe to communications (Article 6(1)(a))
  • Contractual Necessity: When processing is necessary for the performance or preparation of a B2B contract (Article 6(1)(b))
  • Legitimate Interests: For business operations, website improvement, and fraud prevention, where our interests do not override your rights (Article 6(1)(f))
  • Legal Obligation: When required by law, including export control compliance (Article 6(1)(c))

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data to third parties. We may share your information with:

  • Service Providers: Trusted third-party providers who assist with website hosting, email delivery, analytics, and payment processing, bound by data processing agreements
  • Legal Authorities: When required by law, court order, or regulatory request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate safeguards
  • Logistics Partners: Shipping and customs documentation providers necessary for order fulfillment

5. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this policy:

  • Inquiry Data: Retained for up to 24 months from last interaction, unless a business relationship is established
  • Customer Data: Retained for the duration of the business relationship plus 7 years for regulatory compliance
  • Website Analytics: Aggregated and anonymized after 26 months
  • Cookie Data: See Section 6 for specific retention periods

6. Cookie Policy

Our website uses cookies and similar technologies:

  • Essential Cookies: Required for website functionality (session management, form submissions). These cannot be disabled. Duration: session or up to 24 hours.
  • Analytics Cookies: Help us understand website usage patterns and improve our services. Duration: up to 26 months.
  • Preference Cookies: Store your settings and preferences for a better experience. Duration: up to 12 months.

You can manage cookie preferences through your browser settings. Disabling cookies may affect website functionality.

7. International Data Transfers

As a global B2B supplier serving 55+ countries, your data may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data processing agreements with all service providers
  • Encryption in transit (TLS 1.3) and at rest

8. Your Rights (GDPR & CCPA)

Depending on your jurisdiction, you may have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing

To exercise any of these rights, contact us at legal@drpeptides.ltd. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for data at rest
  • Regular security audits and vulnerability assessments
  • Access controls and employee training on data protection
  • Incident response procedures with 72-hour breach notification (per GDPR Article 33)

10. Third-Party Services

Our website may integrate with the following categories of third-party services:

  • Analytics: Website usage analysis (anonymized/aggregated data)
  • Email Services: Transactional email delivery for inquiries and order communications
  • Content Delivery: CDN services for website performance optimization
  • Font Services: Google Fonts for typography rendering

11. Children's Privacy

Our website and services are designed for business-to-business (B2B) use and are not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware of such collection, we will delete the data promptly.

12. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, or legal requirements. We will post the updated policy on this page with a revised "Last Updated" date. Material changes will be communicated via email to active business contacts.

13. Contact Us

For privacy-related inquiries, data subject requests, or concerns about this policy:

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.

Request Price List