Privacy Policy
Privacy Policy
Last updated: March 2026
MMPeptides ("we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit mmpeptides.co.uk or place an order with us.
This policy is compliant with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Information We Collect
We may collect the following personal data:
Identity data: Full name
Contact data: Email address, delivery address, billing address, phone number
Transaction data: Order history, payment details (processed securely via our payment provider — we do not store card numbers)
Technical data: IP address, browser type and version, device type, operating system, time zone, referring URL
Usage data: Pages visited, products viewed, time spent on site, click behaviour
Communication data: Emails, contact form submissions, and any correspondence with us
2. How We Collect Your Data
We collect data through:
Direct interactions: When you create an account, place an order, subscribe to our newsletter, or contact us
Automated technologies: Cookies, server logs, and analytics tools that collect technical and usage data when you browse our site
Third parties: Shopify (our e-commerce platform), payment processors, and analytics providers
3. How We Use Your Data
We use your personal data for the following purposes:
Process and fulfil your orders — Legal basis: Performance of a contract
Send order confirmations, dispatch notifications, and tracking information — Legal basis: Performance of a contract
Respond to enquiries and provide customer support — Legal basis: Legitimate interest
Improve our website, products, and services — Legal basis: Legitimate interest
Send marketing emails (only with your consent) — Legal basis: Consent
Detect and prevent fraud — Legal basis: Legitimate interest
Comply with legal and regulatory obligations — Legal basis: Legal obligation
4. Marketing Communications
We will only send you marketing emails if you have given explicit consent (e.g. by subscribing to our newsletter). You can withdraw consent at any time by:
Clicking the "unsubscribe" link in any marketing email
Contacting us via our Contact page
Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.
5. Data Sharing
We do not sell, rent, or trade your personal data to third parties.
We may share your data with the following trusted service providers who assist in operating our business:
Shopify — E-commerce platform, hosts our store and processes orders
Royal Mail / DHL Express — Shipping and delivery of orders
Payment processor (via Shopify Payments) — Secure processing of card transactions
Google Analytics — Website usage analytics (anonymised)
All third-party providers are contractually bound to protect your data and use it only for the purposes specified.
6. Cookies
Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device.
We use:
Essential cookies: Required for the website to function (e.g. shopping cart, checkout session)
Analytics cookies: Help us understand how visitors use the site (e.g. Google Analytics)
Marketing cookies: Used to deliver relevant content (only with your consent)
You can manage cookie preferences through your browser settings. Disabling essential cookies may affect website functionality.
7. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
Order data: Retained for 6 years from the date of transaction (as required by HMRC for tax and accounting records)
Marketing consent records: Retained for as long as consent is active, then deleted within 30 days of withdrawal
Analytics data: Anonymised and retained for up to 26 months
Customer support correspondence: Retained for up to 2 years
8. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including:
SSL/TLS encryption across the entire website
Secure payment processing (PCI DSS compliant via Shopify)
Restricted access to personal data on a need-to-know basis
Regular review of data handling processes
While we take all reasonable steps to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
9. Your Rights Under UK GDPR
You have the following rights regarding your personal data:
Right of access — Request a copy of the personal data we hold about you
Right to rectification — Request correction of inaccurate or incomplete data
Right to erasure — Request deletion of your data (subject to legal retention requirements)
Right to restrict processing — Request that we limit how we use your data
Right to data portability — Request your data in a structured, machine-readable format
Right to object — Object to processing based on legitimate interest or direct marketing
Right to withdraw consent — Withdraw consent at any time where processing is based on consent
To exercise any of these rights, contact us via our Contact page at mmpeptides.co.uk/pages/contact. We will respond within one calendar month.
10. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to read their privacy policies before providing any personal data.
11. Children's Privacy
Our website and products are not intended for individuals under the age of 18. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected data from a minor, we will delete it promptly.
12. International Transfers
Some of our service providers (e.g. Shopify) may process data outside the United Kingdom. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions, to protect your data in accordance with UK GDPR.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically. Continued use of the website after changes constitutes acceptance of the revised policy.
14. Complaints
If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Website: ico.org.uk
Phone: 0303 123 1113
15. Contact
For any questions or requests relating to this Privacy Policy or your personal data, please contact us via our Contact page at mmpeptides.co.uk/pages/contact.