Privacy Policy

Summary: We only collect data needed to process your order or respond to enquiries. We use Google Analytics with your consent. We never sell your data. You can request deletion of your data at any time.

Who We Are

Peptide Therapy Australia ("we", "us", "our") operates the website at peptidetherapyaustralia.com and supplies research peptides to customers in Australia.

We are committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Contact: peptherapy@yahoo.com

Data We Collect

We collect personal information only when you interact with our website:

What we collect	When	Why
Name, email address, phone number	Placing an order or submitting a contact form	Order fulfilment, correspondence
Shipping address	Placing an order	Delivery
Order details (items, amounts, payment method)	Checkout	Processing, receipts, refunds
IP address, browser & device type, pages visited	Browsing (with consent)	Analytics (Google Analytics)
Abandoned cart data (email, items)	Cart abandonment	Recovery reminder email (opt-in)

We do not collect or store payment card numbers. Payments are processed by Stripe or our crypto payment provider; their privacy policies govern that data.

We do not collect sensitive information as defined under the Privacy Act (e.g. health, biometric or genetic data) and we do not knowingly collect data from individuals under 18 years of age.

How We Use Your Data

We use your personal information only for the purposes it was collected and closely related purposes, consistent with APP 6:

Fulfilling and shipping your orders
Sending order confirmations, shipping notifications, and receipts
Responding to enquiries or support requests
Sending optional abandoned-cart reminder emails
Notifying you when an out-of-stock product becomes available (if you opted in)
Improving our website through aggregated, anonymised analytics data
Complying with legal obligations

We will not use your information for direct marketing unless you have given us separate consent to do so.

Cookies & Tracking

Cookies are small text files stored on your device. We use cookies only where necessary or where you have given explicit consent via the cookie banner on this site.

Cookie / Storage key	Type	Purpose	Expires
pta_cookie_consent	Essential (localStorage)	Remembers your cookie consent choice so we don't ask again	Until you clear browser data
_ga, _ga_*	Analytics (Google)	Distinguishes unique visitors and sessions for Google Analytics	2 years
pta_cart	Functional (localStorage)	Saves your shopping cart between sessions	7 days

Revoking consent: You can withdraw your analytics consent at any time by clearing your browser cookies or local storage. Doing so will cause the cookie banner to reappear on your next visit and Google Analytics will default to denied.

We do not use advertising cookies, cross-site tracking cookies, or sell any cookie data to third parties.

Google Analytics

We use Google Analytics 4 (GA4) — Measurement ID: G-ZXJMFE4YED — operated by Google LLC, to understand how visitors interact with our website.

We have implemented Google Consent Mode v2. This means:

All analytics tracking is denied by default when you first visit the site.
Tracking only activates if you click "Accept All Cookies" in the banner.
Ad personalisation, ad storage, and ad user data are permanently denied — we do not run ads.
When accepted, GA4 collects anonymised data: page views, session duration, general location (country/city level), device type, and referring source.

GA4 data is processed on Google's servers, which may be located outside Australia. Google's data processing is governed by the Google Privacy Policy. You can also opt out globally using the Google Analytics Opt-Out Browser Add-On.

Third-Party Services

We share your personal information with third parties only where necessary to run our business:

Stripe

Payment processing — Email, order total

Australia Post / Courier partners

Parcel delivery — Name, shipping address

Supabase

Database & backend hosting — Order data, contact form submissions

Google Analytics

Website analytics — Anonymised usage data (consent required)

We do not sell, rent, or trade your personal information to any third party for marketing or commercial purposes.

Data Retention

We retain your personal information for as long as necessary to fulfil the purpose it was collected for, or as required by law:

Order records: 7 years (Australian tax law requirement)
Contact form submissions: 2 years from last contact
Abandoned cart data: 30 days, then automatically deleted
Stock notification requests: Until fulfilled or 12 months
Analytics data (Google): Up to 14 months (GA4 default)
Cookie consent preference: Until you clear your browser data

When data is no longer needed, it is securely deleted or de-identified.

Your Rights Under the Australian Privacy Act

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the following rights regarding your personal information:

Access

Request a copy of the personal information we hold about you (APP 12).

Correction

Ask us to correct inaccurate or out-of-date personal information (APP 13).

Deletion

Request deletion of your personal data, subject to our legal obligations.

Anonymity

Where lawful, interact with us anonymously or use a pseudonym (APP 2).

Opt-out of analytics

Withdraw analytics consent by clearing cookies; decline in the banner on next visit.

Unsubscribe

Opt out of any marketing emails at any time using the unsubscribe link.

To exercise any of these rights, email us at peptherapy@yahoo.com. We will respond within 30 days in accordance with APP 12.

Security

We take reasonable steps to protect the personal information we hold from misuse, interference, loss, and from unauthorised access, modification, or disclosure, consistent with APP 11.

All data is stored in Supabase, hosted in an ISO 27001-certified data centre
All data in transit is encrypted using TLS 1.2+
Payment data is handled entirely by Stripe — we never receive or store card numbers
Admin access to the database requires authenticated credentials
Row-level security policies are enforced on all database tables

No method of data transmission over the internet is 100% secure. While we use industry-standard protections, we cannot guarantee absolute security. If you believe a data breach has occurred, please contact us immediately.

Contact & Complaints

If you have any questions about this Privacy Policy, or wish to make a complaint about how we handle your personal information, please contact us:

peptherapy@yahoo.com

Response time

We aim to respond to privacy requests within 30 days

If you are not satisfied with our response to a complaint, you may contact the Office of the Australian Information Commissioner (OAIC):

Website: www.oaic.gov.au

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised "Last updated" date. Continued use of our site after changes constitutes acceptance of the updated policy.

Still have privacy questions?

Our team is happy to clarify anything in this policy or assist with a data access, correction, or deletion request.

Still have privacy questions?

Shopping Cart