Terms & Privacy

1. What PeptidesClav Actually Is

PeptidesClav is a comparison catalog, not a store. We gather peptide listings from the third-party vendors that genuinely sell them and set their prices, dose variants, reader ratings, and chemical specifications side by side so you can weigh them in one place. Nothing ships because of us: we hold no stock, take no payment, and pack no parcels. Every actual transaction happens on a vendor's own site, after you have left ours.

2. Using the Site Puts These Rules in Effect

Browsing or otherwise interacting with peptidesclav.com brings this agreement into force between you and us. If any part of it does not sit right with you, the fix is straightforward — stop using the site. We revise these rules when our practices or the law shift, and the version live at the moment of your visit is the one that governs that visit, so it is worth a re-read whenever the date above has moved.

3. Everything Here Is Reference Material

Treat the specifications, CAS numbers, ratings, and prices on these pages as a place to begin your own research, not as the last word. Much of it is assembled from vendor-published sources we neither control nor continuously re-check, so figures drift and now and then disagree with what a vendor shows at its own checkout. None of it is medical guidance, and the presence of a compound in this catalog is never a recommendation to buy, hold, or use it for any purpose.

4. How the Site Earns Its Keep

Affiliate commissions pay for this catalog. A number of the vendors we list pay us a referral fee when a visitor reaches them through one of our outbound /out/ links and then buys something; that fee comes out of the vendor's ordinary margin and adds nothing to the price you pay.

Those links hand you off to independent businesses. Their content, pricing, policies, and conduct are entirely their own — we do not vet them and we do not stand behind them.

5. No Warranties

We publish this catalog in good faith but promise nothing about it. The site and all of its contents are offered exactly as they appear, with no guarantee — stated or implied — that any figure is accurate, current, complete, or suited to a particular use. Should you act on something you read here and it proves wrong or stale, that outcome is yours to carry rather than ours.

6. The Limit of What We Answer For

To the extent the law allows us to cap our exposure, we do. PeptidesClav and the people who operate it will not be answerable for losses of any kind — immediate, knock-on, incidental, or the sort a court files under special or consequential — that trace back to your use of this site or to your reliance on anything published on it, whether the harm is financial, reputational, or otherwise.

7. Governing Law, Disputes, and Severability

Any disagreement over these terms or over the site is decided under the law of the jurisdiction in which PeptidesClav is operated, and you agree to bring it before the courts seated there rather than somewhere else. If a single clause of this agreement is later struck down or held unenforceable, the remaining clauses keep their full force.

8. Scope and Who Is Responsible

This half covers the data side of the site. PeptidesClav runs peptidesclav.com as a research catalog and editorial publication — there are no accounts to open, no payments taken on this domain, no mailing list, and no contact form sitting on the page. When you order a catalogued SKU you do it on a separate research-supply vendor reached through the outbound /out/ redirect described in Section 13; that vendor is a controller in its own right, with its own policy.

For the narrow set of data the site itself touches — server logs and cookieless analytics — PeptidesClav is the controller. Every request described in this half can be sent to privacy@peptidesclav.com.

9. What the Servers Record Automatically

As with any site on the open web, our host writes a technical line for each request so the site stays available, abuse can be caught, and traffic can be counted in aggregate. That amounts to:

• Server access logs (Vercel hosting): IP address, user-agent string, requested URL, referrer, response status, response size, and a timestamp — the ordinary HTTP log fields a host produces by default.
• Cookieless analytics (Vercel Analytics): the page viewed, the referrer, a country derived from IP, browser family, device type, and operating system. It sets no cookies and keeps no raw IP; visitors are counted using a one-way hash of IP plus user-agent that rotates daily and cannot be turned back into a person.
• Coarse location: country level only, inferred from IP. No GPS, no street-level position, no device-sensor readings.
• Performance and error signals: aggregated request timing, build metrics, and uncaught client-side errors the platform may capture to help diagnose an outage.

None of the above is joined to a name, email, or account, for the simple reason that the site never gathers those (see the next section).

10. What the Site Deliberately Leaves Alone

The site carries none of the features that would pull in the categories of personal data below. In plain terms, there is:

• No account, registration, or login.
• No newsletter, mailing list, or subscription box.
• No contact, comment, review, or feedback form on the page.
• No payment, billing, or shipping detail taken on this domain.
• No advertising cookies, retargeting pixels, or third-party ad SDKs.
• No first-party cookies set by us for tracking.
• No social-widget scripts (Facebook Pixel, X/Twitter widgets, LinkedIn Insight, and the like).
• No biometric, health, financial, government-ID, or precise-location data, and nothing that counts as "sensitive personal information" under the CPRA.

If you email us at the address in Section 18, your message and your address are used for the one purpose of answering you, and are kept no longer than that reasonably takes.

11. Cookies and Similar Storage

No first-party cookies are set for tracking, advertising, or personalization. Our analytics tool is cookieless by design. The closest thing to cookie storage you might meet here is a session-scoped value the web framework (Next.js / React) uses for routing and basic app state — strictly necessary, first-party, and with no tracking role.

The page font (Montserrat) is served from our own domain. Although it originates in the Google Fonts catalog, the framework fetches it once at build time and self-hosts the result, so opening a page here fires no request to Google and leaves no IP of yours in Google's logs on our account.

Sites you reach through the outbound /out/ redirect (Section 13) may set cookies of their own under their own policies; those are beyond our reach.

12. How the Recorded Data Gets Used

The information in Section 9 is put to these uses and no others:

• Running, maintaining, and securing the site.
• Building aggregate readership figures — which pages get read, which referrers send people, which countries they read from — to steer our editorial coverage.
• Spotting and blunting abuse, scraping, denial-of-service traffic, and other security events.
• Tracking down and fixing application errors and performance regressions.
• Meeting legal obligations and responding to lawful requests from authorities.

We neither sell personal information nor "share" it for money or other value, and we run no cross-context behavioral advertising. Nor do we make automated decisions or build profiles that carry legal or similarly weighty consequences for anyone.

13. Outbound Links and the Vendors Behind Them

Product links take the shape /out/<product-slug> and forward you to a third-party research-supply vendor. The forwarding happens on the server and gathers no personal data beyond the ordinary log fields in Section 9.

Everything that follows — opening an account, entering an address, paying, having an order processed, support, shipping, returns, and any after-sale contact — takes place on the vendor's site under the vendor's policy and terms. As a matter of routine we do not receive your name, email, postal address, payment details, order contents, or order status. The vendor may pass us aggregated, non-identifying referral numbers (click counts, commission totals) under the affiliate program. Read the vendor's privacy policy before you check out.

14. GDPR Legal Bases, Processors, and Transfers

Where the EU or UK GDPR applies, our processing rests on three Article 6(1) bases:

• Legitimate interests (Art. 6(1)(f)): keeping the site up, secure, and free of abuse; measuring readership with a cookieless, privacy-preserving tool; and holding server logs. Given how limited and non-identifying the data is, we judge these interests not to be overridden by visitors' rights and freedoms.
• Legal obligation (Art. 6(1)(c)): where law requires us to keep or hand over information.
• Consent (Art. 6(1)(a)): when you choose to email a question, you consent to our using that email solely to reply.

Our processors are Vercel Inc. (hosting, content delivery, build infrastructure, and Vercel Analytics) and our domain registrar and DNS provider (operating the domain and routing traffic, with no content-level data). The vendor reached through the outbound redirect is not a sub-processor — it is an independent controller for whatever you give it on its own site.

PeptidesClav operates from the United States and is served from a global edge network, so request logs may be handled in data-center regions outside your own country, the US included. For visitors in the EU/EEA or the UK, any transfer to the US relies on the European Commission's adequacy decision for the EU-US Data Privacy Framework (where the recipient is certified) or on its Standard Contractual Clauses, topped up with the extra safeguards that supervisory-authority guidance and case law call for.

15. How Long Anything Is Kept, and How It Is Protected

• Server access logs: held by our host for the window in its published log-retention policy (raw logs typically no more than 30 days), then deleted or rolled into aggregates.
• Analytics aggregates: kept up to 12 months in non-identifying form so we can compare readership year on year.
• Email correspondence: kept only as long as it takes to resolve your request and note the outcome, then deleted or anonymized.
• Legal holds: where a statute or a litigation hold demands longer retention, the affected data is kept for that required period alone.

On the protective side we lean on transport encryption (HTTPS/TLS) for every request, hardened infrastructure run by our host, hard data minimisation — we do not gather what we do not need — and tight role-based access for the handful of people who can read the aggregated analytics. No transmission or storage method is flawless, and we make no claim of perfect security.

16. Your Rights — UK/EU, California, and Other US States

If you are in the EU, EEA, or United Kingdom, you may ask us to confirm and hand over what we hold, correct it, erase it in defined cases, restrict or object to its processing, receive it in portable form where processing is automated and based on consent or contract, and withdraw consent where consent is the basis. You may also complain to a supervisory authority — your local Data Protection Authority, or the UK's Information Commissioner's Office. We answer within one calendar month, extendable by two more for complex cases per Article 12(3); because what we hold is so limited and non-identifying, we may have to ask for more detail to tie a record to you, and occasionally cannot locate one at all.

If you are a California resident, the CCPA as amended by the CPRA gives you the right to know the categories and specific pieces we have collected, the right to delete and to correct, the right to limit use of sensitive personal information (moot here — we collect none), the right to opt out of any sale or sharing, and the right not to be treated differently for exercising these. In the last twelve months the only categories we collected fall under "internet or other electronic network activity" and country-level "geolocation" under Cal. Civ. Code §1798.140; we have sold and shared nothing for cross-context behavioral advertising, so any opt-out is already honored by default. An authorized agent may act for you with written proof and identity verification.

If you live in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or another state with a comprehensive privacy law, you hold substantially the same rights — access, deletion, correction, a portable copy, and opt-outs of targeted advertising, sale, and certain profiling. Since we do none of those last three, their opt-outs are honored automatically. To exercise any right above, write to privacy@peptidesclav.com; if we turn a request down, your state may give you a right to appeal.

17. Global Privacy Control, Children, and Updates

We treat the Global Privacy Control (GPC) browser signal as a valid opt-out under the CCPA/CPRA and equivalent state laws. In practice, since we neither sell nor share personal information and run no targeted advertising, GPC and Do Not Track change nothing on the site — there is no profile to suppress and no ad signal to switch off.

The site is not aimed at children under 16, and the compounds it discusses are catalogued for adult, laboratory-use research only. We do not knowingly collect data from children under 16 and we observe COPPA along with applicable international child-data rules; if you think a child has sent us information, tell us at the address below and we will remove it promptly.

This document changes from time to time as our practices, our suppliers, or the law move. The "Last updated" date at the top marks the current revision, material changes are flagged at the top of the page for at least 30 days, and continuing to use the site after a revision takes effect counts as acceptance of it.

18. Contact

For anything on this page — a question about the terms, a privacy request, or a complaint — reach us at privacy@peptidesclav.com. A postal address is available on request through the same address. We aim to reply to every inquiry within 30 days, and sooner where a law such as the GDPR or CCPA sets a tighter deadline.