Peptide Planner← Back to home
Research use only — peptides are not for human consumption.

Privacy Policy

Effective date: March 9, 2025Last updated: March 9, 2025

1. Overview

Peptide Planner ("we," "us," or "our") operates the Peptide Planner mobile application and web application (collectively, the "Service"). This Privacy Policy explains what personal information we collect, how we use it, and the rights available to you.

Research use only. Peptide Planner is a research planning and documentation tool. Nothing in this application constitutes medical advice. All compounds referenced within the Service are intended for legitimate research purposes only and are not for human consumption.

By creating an account or using the Service you agree to the terms of this Privacy Policy.

2. Information We Collect

2.1 Account Information

When you register we collect:

  • Email address
  • Password (stored as a one-way cryptographic hash — we cannot read it)
  • Date of account creation

We do not collect your legal name or phone number.

2.2 User-Submitted Research Data

All data in this category is voluntarily entered by you for the purpose of documenting and planning research. It is not independently verified or validated by us. This includes:

  • Protocol records — compound names, scheduled quantities, timing, and administration site annotations entered by the user as research documentation
  • Inventory records — compound names, quantities, vial counts, and dilution calculations
  • Body weight entries — numerical values and optional personal notes
  • Scheduling and cycle data — on/off cycle dates, dose frequency, and protocol names
The Service is a note-taking and planning tool. A logged protocol record reflects information entered by a user; it does not constitute evidence of any real-world act. The Service has no means of verifying whether any entry corresponds to an actual event.

2.3 Automatically Collected Technical Data

When you use the Service we may automatically collect:

  • Device type, operating system version, and app version
  • IP address, used solely for security and abuse prevention
  • General usage patterns in aggregate, anonymized form

We do not use session recording, keystroke logging, or behavioral surveillance of any kind.

3. How We Use Your Information

PurposeLegal basis
Provide and operate the ServiceContract performance
Authenticate your account and maintain securityContract performance / legitimate interest
Process subscription paymentsContract performance
Respond to support requestsContract performance
Send transactional communications (password reset, billing notices)Contract performance
Improve the Service using anonymous, aggregate analyticsLegitimate interest
Comply with legal obligationsLegal obligation

We do not use your data for targeted advertising, sale or rental to third parties, or training of AI or machine learning models.

4. Third-Party Service Providers

We work with a small number of third-party service providers who assist us in operating the Service. We share only the minimum data necessary for each function, and each provider is bound by a data processing agreement.

CategoryPurposeData involved
Cloud infrastructureApplication hosting and data storageAll user data
Payment processingSubscription billing (web, iOS, Android)Email address, transaction records

We do not use advertising networks, social media trackers, or analytics platforms that share data with third parties.

5. Payment Processing

Subscription payments are processed by third-party payment providers depending on your platform. We never store your full payment card details. Billing disputes and receipts are handled directly through the relevant payment platform:

  • Web — processed by our web payment provider
  • iOS — processed by Apple through the App Store
  • Android — processed by Google through the Play Store

Your payment information is governed by the privacy policy of the applicable payment provider.

6. Data Retention

Data typeRetention period
Account informationUntil account deletion, plus 30 days
Research protocol recordsUntil deleted by you, or upon account deletion
Body weight entriesUntil deleted by you, or upon account deletion
IP and security logs90 days, rolling
Anonymized aggregate analyticsIndefinite (not linked to you)

When you delete your account we permanently delete all personal data associated with it within 30 days, unless we are required by applicable law to retain it longer.

7. Data Security

We employ industry-standard security practices including:

  • Encryption in transit (TLS 1.2 or higher)
  • Encryption at rest for all stored user data
  • Passwords hashed using a modern one-way algorithm
  • Access controls that limit who can reach production data

No method of storage or transmission is 100% secure. In the event of a breach affecting your personal data we will notify you as required by applicable law.

8. Your Rights

Depending on where you live, you may have the following rights regarding your personal data. To exercise any of them, contact us at the address in Section 12.

All users

  • Access — request a copy of the personal data we hold about you
  • Correction — request that inaccurate data be corrected
  • Deletion — request deletion of your account and all associated data
  • Portability — request your data in a structured, machine-readable format

EU / UK / EEA residents (GDPR / UK GDPR)

All of the above, plus:

  • Restriction — request that we limit how we process your data
  • Objection — object to processing carried out on the basis of legitimate interest
  • Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing
  • You have the right to lodge a complaint with your local supervisory authority (e.g., your national data protection authority)

California residents (CCPA / CPRA)

  • Right to know what personal information is collected and how it is used
  • Right to delete personal information
  • Right to correct inaccurate personal information
  • Right to opt out of the sale or sharing of personal information — we do not sell or share personal information
  • Right to non-discrimination for exercising your rights

We will endeavor to honor equivalent rights for users in other jurisdictions under their applicable local law. We will respond to all verified requests within 30 days, or within the period required by your local law.

9. International Data Transfers

Peptide Planner serves a worldwide user base. Your data may be stored or processed in countries other than your own, including the United States. Those countries may have different data protection laws than your home country.

Where required by law, we rely on appropriate transfer mechanisms — such as Standard Contractual Clauses for EU/UK transfers — to ensure your data receives an adequate level of protection.

10. Children's Privacy

The Service is intended for users 18 years of age and older. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected data from a minor we will delete it promptly. If you believe we may have collected data from a minor, please contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes we will notify you by email or via an in-app notice before the changes take effect. The "Last updated" date at the top of this page will always reflect the most recent revision. Continued use of the Service after notice constitutes acceptance of the updated policy.

12. Contact

For any privacy-related questions, requests, or concerns:

Peptide Planner

We aim to respond to all enquiries within 5 business days.