Privacy Policy

We only collect data that is necessary for the purposes set out in this policy. Depending on how you use our website and services, this may include the following categories of personal data:

• Identification and contact data — name, business affiliation, postal address, email address, and telephone number you provide when requesting a Certificate of Analysis (CoA), placing an order, or contacting us.
• Account data — credentials, preferences, and communication settings if and when you register for a research-buyer account.
• Order and transaction data — products requested or purchased, billing information, shipping details, and history of correspondence with our team.
• Technical data — IP address (truncated where feasible), browser type and version, time zone, device type, operating system, referring URL, and pages viewed.
• Usage data — interactions with the portfolio listing, search queries on the site, and aggregate analytics signals.
• Communications — content of messages, support tickets, and any documents you send to us.

We collect personal data through three main channels:

• Directly from you — when you fill in a form, request a CoA, place an order, sign up for updates, or correspond with us by email.
• Automatically — through cookies and similar technologies that record technical and usage data when you browse the site (see section 6).
• From third parties — limited to service providers who help us deliver the website (e.g., hosting, payment processing, shipping carriers) and only to the extent strictly necessary.

Under GDPR Art. 6(1) and the corresponding revFADP provisions, we rely on one or more of the following legal grounds when we process your personal data:

• Performance of a contract — to process your order, ship goods, issue invoices, and provide support.
• Legal obligation — to comply with accounting, tax, customs, export-control, and product-stewardship requirements that apply to research-grade peptides.
• Legitimate interests — to operate, secure, and improve our website, prevent fraud, and communicate with research customers about ongoing matters. We balance these interests against your rights and freedoms in every case.
• Consent — for non-essential cookies, marketing communications, and any optional data sharing. Consent can be withdrawn at any time without affecting the lawfulness of prior processing.

We process your personal data only for the specific, legitimate purposes listed below:

• To deliver the products and documents you request (CoA, order confirmations, shipping updates).
• To verify that prospective customers are bona fide research entities, since all of our compounds are sold for research use only and are not intended for human consumption.
• To manage our business records, including invoicing, accounting, and regulatory reporting.
• To operate, maintain, and secure the website, including detecting and preventing abuse, fraud, and unauthorised access.
• To improve our portfolio, content, and user experience using aggregated and, where consented, individual analytics.
• To send service-related communications and, with your prior consent, periodic updates about new compounds or quality programmes. Every marketing email contains a one-click unsubscribe link.
• To comply with applicable laws, lawful requests from authorities, and our internal compliance and ethics policies.

We do not sell your personal data, ever. We share it only with the following categories of recipients, and only to the extent necessary:

• Service providers acting as data processors on our behalf — hosting and infrastructure providers, email and customer-support tooling, analytics, payment processors, logistics carriers, and accounting firms. Each one is bound by a written data-processing agreement.
• Professional advisors — lawyers, auditors, and tax advisors when we need their assistance and only under confidentiality obligations.
• Public authorities and regulators — where we are legally required to disclose data, for example to customs, export-control, or law-enforcement bodies, and only to the minimum extent required.
• Successors in interest — in the event of a merger, acquisition, restructuring, or insolvency, in which case we will inform affected individuals as required by law.

Our website uses a minimal set of cookies and similar local-storage technologies. Strictly necessary cookies are required to operate the site and do not need consent. Any analytics, preference, or marketing cookies are loaded only after you provide consent through our cookie banner, in line with the Swiss Telecommunications Act (FMG/LTC) and the EU ePrivacy framework.

You can withdraw or change your consent at any time by clicking the "Cookie settings" link in the footer, or by clearing cookies in your browser. Disabling strictly necessary cookies may impair core functionality of the site.

Our infrastructure is operated primarily in Switzerland and the European Economic Area. When we engage processors outside of these regions, we put in place appropriate safeguards as required by GDPR Art. 46 and revFADP Art. 16, including the European Commission Standard Contractual Clauses, the Swiss FDPIC-approved versions of those clauses, and where applicable supplementary technical and organisational measures.

You may request a copy of the safeguards in place by contacting us.

We apply technical and organisational measures appropriate to the risk, including transport-layer encryption, access controls based on least privilege, regular backups, internal logging, and security training for staff who handle personal data.

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected and to satisfy applicable legal obligations. Order, invoicing, and tax records are typically retained for ten (10) years in line with Swiss commercial law. Account and customer-service records are retained for the duration of the relationship plus a reasonable period afterward, generally not exceeding three (3) years. Anonymised analytics data may be retained indefinitely.

Under the GDPR and the revFADP, you have the following rights regarding your personal data:

• Access — to know what data we hold about you and obtain a copy.
• Rectification — to ask us to correct inaccurate or incomplete data.
• Erasure — to ask us to delete your data when it is no longer necessary or when you withdraw consent, subject to overriding legal obligations.
• Restriction — to limit how we process your data while a query is being resolved.
• Objection — to object to processing based on legitimate interests, including profiling, and at any time to direct marketing.
• Portability — to receive a copy of the data you provided in a structured, machine-readable format and to transmit it to another controller.
• Withdrawal of consent — without affecting the lawfulness of prior processing.
• Complaint — to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC, www.edoeb.admin.ch) or with the supervisory authority in your EU/EEA country of residence.

Our website and products are intended exclusively for adult research professionals. We do not knowingly collect personal data from individuals under 18 years of age. If you believe a minor has provided us with personal data, please contact us and we will delete the information without undue delay.

Our pages occasionally link to external resources such as PubChem, ClinicalTrials.gov, peer-reviewed journals, and Wikimedia Commons. These websites operate independently and have their own privacy practices. We are not responsible for their content or for the way they handle personal data, and we encourage you to read their privacy notices before submitting any information to them.

We may update this privacy policy from time to time to reflect changes in our practices, in technology, or in applicable law. The "Last updated" date at the top of this page indicates when the policy was last revised. Material changes will be highlighted on this page in advance, and where required by law we will obtain your fresh consent. Your continued use of the site after the effective date constitutes acceptance of the updated policy.