Privacy Policy

1. Introduction

Peptide1 (the "App"), operated by [Your Company Name] ("we," "us," or "our"), is a research reference tool that aggregates publicly available peptide research data for educational purposes. We are committed to protecting your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your personal information.

2. Data We Collect

We collect the following information when you use the App:

Account Information: email address and a securely hashed password (we never store your password in plain text).

Usage Data: research preferences and reference tool usage data, including: research tracking preferences, reference lookup logs, site rotation notes, phase configurations, stack setups, journal entries, and inventory records you choose to enter.

Consent Records: timestamps of your agreement to our Medical Disclaimer and Terms of Service.

We do NOT collect: your real name (display name is optional), date of birth, physical address, phone number, payment information, health records, or any data beyond what you explicitly enter into the App.

3. How We Use Your Data

Your data is used solely to provide the App's research reference functionality to you — organizing your research tracking preferences, performing reference calculations, managing inventory records, and generating reminders. We do not collect clinical data, and no medical decisions are made by or facilitated through the App. We do not use your data for advertising, profiling, or any purpose beyond operating the research reference tool.

4. Data Storage and Security

Your data is stored in an encrypted database on Railway infrastructure with encryption at rest. Passwords are irreversibly hashed using industry-standard algorithms (Werkzeug/PBKDF2). We use HTTPS for all data transmission. Access to the database is restricted to the application and its administrator.

5. Third-Party Sharing

We do not sell, trade, rent, or share your personal data with any third parties. We do not use third-party analytics, advertising networks, or data brokers. The only external service involved is our hosting provider (Railway), which processes data solely to serve the App.

6. Data Retention

We retain your data for as long as your account is active. You may delete your account at any time from the Settings page. Upon account deletion, all of your personal data — including schedules, doses, journal entries, reminders, injection site logs, and inventory records — is permanently and irreversibly deleted from our systems. The shared peptide reference database (compound information) is not affected by account deletion.

7. Your Rights

You have the right to: (a) access all data associated with your account (visible in the App); (b) correct your data by editing entries in the App; (c) delete your account and all associated data at any time via Settings; and (d) export your dose tracking history as a CSV file via the App's export function.

8. Data Classification Notice

Peptide1 is a research reference tool, not a health application. Any schedule or preference data you enter constitutes research tracking preferences — not medical records, clinical data, or protected health information. The App is not a medical device, electronic health record (EHR), or covered entity under HIPAA. No clinical data is collected and no medical decisions are made by or supported through this tool. However, we treat all user data with the same care and security standards as if it were sensitive information.

9. Breach Notification

In the unlikely event of a data breach that compromises your personal information, we will notify affected users by email within 60 days of discovering the breach, in accordance with the FTC Health Breach Notification Rule and applicable state laws. Notification will include the nature of the breach, the data affected, and steps you can take to protect yourself.

10. Children's Privacy

The App is not intended for use by anyone under the age of 21. We do not knowingly collect information from individuals under 21. If we learn that we have collected data from someone under 21, we will delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via a notice in the App. Your continued use after such changes constitutes acceptance of the updated policy.

12. Payment Processing

We do not collect, store, or have access to your payment card details. All payment processing is handled securely by Stripe, our third-party payment processor. When you subscribe, you are directed to Stripe's secure hosted checkout page where your payment information is entered and stored exclusively by Stripe. Peptide1 never receives or stores your card number, CVV, or any other payment credentials. Please refer to Stripe's privacy policy at stripe.com/privacy for details on how your payment information is handled.

13. Contact

For questions about this Privacy Policy or to exercise your data rights, please contact us at pitowskir@gmail.com.