Privacy Policy

Last updated: January 2025

1. Information We Collect

We collect information you provide directly to us, including: name, email address, shipping address, phone number, and payment information when you create an account or place an order. We also automatically collect certain technical information such as IP address, browser type, and device information when you visit our website.

2. How We Use Your Information

We use the information we collect to: process and fulfill your orders, communicate with you about your orders and account, send you marketing communications (with your consent), improve our website and services, comply with legal obligations, and prevent fraud and abuse.

3. Data Storage & Security

Your personal data is stored on secure servers with industry-standard encryption. We use SSL/TLS encryption for all data transmission. Payment information is processed through PCI-DSS compliant payment processors and is never stored on our servers. We implement appropriate technical and organizational measures to protect your data.

4. GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). You have the right to: access your personal data, rectify inaccurate data, request erasure of your data, restrict processing, exercise data portability, and object to processing. To exercise these rights, contact our Data Protection Officer.

5. Cookies

We use essential cookies to operate our website, including session management and shopping cart functionality. We also use analytics cookies to understand how visitors interact with our site. You can control cookie preferences through your browser settings.

6. Third-Party Sharing

We do not sell your personal information. We share data only with: payment processors (to complete transactions), shipping carriers (to deliver orders), and analytics providers (anonymized data only). All third-party partners are contractually obligated to protect your data.

7. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Order data is retained for 7 years for tax compliance. You may request deletion of your account data at any time.

8. International Transfers

Your data may be transferred to and processed in countries outside your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, for any international data transfers.

9. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact our Data Protection Officer at privacy@toppeptides.com. We will respond to all legitimate requests within 30 days.