HomePrivacy Policy
Legal

PRIVACY POLICY

How Buy Peptides UK collects, processes, and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who We Are

Buy Peptides UK ("we", "us", "our") is the data controller for personal information collected through this website. We are based in the United Kingdom and comply with the UK GDPR and the Data Protection Act 2018. If you have any questions about this policy, contact us at [email protected].

Information We Collect

We only collect information that is necessary to process your orders, deliver products, and provide customer support. Specifically:

  • Contact details - name, email address, phone number
  • Delivery details - shipping address, billing address
  • Order history - products purchased, order value, dates
  • Communication records - emails, support enquiries, chat messages
  • Technical data - IP address, browser type, device, anonymised analytics

We never store payment card details.All payments are processed securely by our payment providers (Stripe, bank transfer). We do not have access to your full card number, CVV, or banking credentials.

How We Use Your Data

Your data is used solely for the following purposes:

  • Processing orders and delivering products to your address
  • Sending order confirmations, dispatch notifications, and tracking links
  • Responding to customer service enquiries
  • Sending newsletter emails (only if you subscribe - opt-in only)
  • Improving our website and detecting fraudulent activity
  • Complying with legal obligations (tax records, dispute resolution)

We never sellyour personal data and never share itwith third parties for advertising or marketing purposes.

Third-Party Services

We use the following third-party services to operate our store. Each is GDPR compliant and processes data only on our behalf:

  • Cloudflare - DDoS protection and CDN delivery (anonymised IP logs only)
  • Royal Mail / DPD - shipping carriers (name, address, phone for delivery)
  • Resend - transactional and newsletter email delivery
  • Stripe - credit card processing (we never see card details)

Data Retention

We retain your order data for seven yearsas required by HMRC for VAT records. Account information is retained for as long as your account is active. Newsletter subscriptions are retained until you unsubscribe. Anonymised analytics data is retained for 26 months.

Your Rights Under GDPR

You have the following rights regarding your personal data under UK GDPR:

  • Right of access - request a copy of all data we hold about you
  • Right to rectification - correct inaccurate or incomplete data
  • Right to erasure - request deletion of your personal data ("right to be forgotten")
  • Right to restrict processing - limit how we use your data
  • Right to data portability - receive your data in a machine-readable format
  • Right to object - object to certain types of processing
  • Right to withdraw consent - at any time for newsletter or marketing

To exercise any of these rights, email [email protected]. We will respond within 30 days as required by law. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Cookies

We use a small number of essential cookies to keep you logged in, remember your cart contents, and ensure the checkout process works correctly. We also use anonymised analytics cookies to understand how visitors use the site. We do not use advertising or tracking cookies. Your browser allows you to block or delete cookies at any time through its settings.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be published on this page with a revised date. We encourage you to review this policy periodically.