This policy explains how DC Solutions Group Ltd trading as DC Peptide Labs (“we”) handles your personal data under UK GDPR and the Data Protection Act 2018. We are the data controller. Contact: support@dcpeptidelabs.com.
What we collect and why
Order data (name, address, email, phone, purchase history) — to fulfil your contract with us: processing orders, delivery, refunds and support. Kept for 6 years for tax and legal purposes.
Payment data — processed by Stripe or PayPal. We never see or store full card details.
Analytics data — with your consent, we use Google Analytics 4 and Google Tag Manager (Google Ireland Ltd) as processors to understand how the site is used. IP addresses are not stored by GA4 in a form that identifies you. You can refuse or withdraw consent at any time via the cookie banner (our consent tool is Complianz).
Account data — if you create an account, we store your details to make reordering easier. You can ask us to delete it at any time.
Legal bases
Contract (orders and delivery), legal obligation (tax records), consent (analytics and marketing cookies), and legitimate interests (fraud prevention, basic site security logs).
Who we share data with
Royal Mail (delivery), Stripe and PayPal (payments), Google (analytics, with consent), and our hosting provider. We do not sell personal data. Where processors are outside the UK, transfers rely on adequacy decisions or standard contractual clauses.
Your rights
You can request access, correction, deletion, restriction, portability, and object to processing. Email support@dcpeptidelabs.com and we’ll respond within one month. You can complain to the ICO (ico.org.uk) if you’re unhappy with how we handle your data.
Cookies
See our Cookie Policy. Non-essential cookies fire only after you consent via the banner.