Research use only · Not for human or animal consumption
JUNI peptides
Research use onlySold for laboratory research use only. Not for human or animal consumption. Not a drug, food, or cosmetic.

Privacy

We collect the minimum personal data needed to ship an order and to comply with our legal obligations.

Controller

The controller of personal data under GDPR Article 4(7) is Juni Research Ltd. Registered operating-entity details are on the imprint page.

Data we collect

  • Name, email, billing and shipping address — required to fulfil orders.
  • Order history — retained for accounting and customer support.
  • Payment metadata — handled by our payment providers; we do not store card numbers.
  • Anonymous traffic analytics — to understand which pages are read.

How we use it

  • To process and ship your order.
  • To communicate about your order (confirmation, dispatch, problems).
  • To meet tax and customs reporting obligations.
  • To improve the site and detect abuse.

What we do not do

  • Sell or rent your data.
  • Send marketing emails without explicit opt-in.
  • Run third-party advertising trackers.

Retention

Order records are retained for the period required by accounting and tax law in the operating jurisdiction (typically 7 to 10 years), then deleted or anonymized.

Your rights

EU and UK residents are entitled to the following rights under the General Data Protection Regulation (Regulation (EU) 2016/679) and the UK GDPR:

  • Article 15 — Right of access. Confirmation of whether we process your personal data and a copy of it.
  • Article 16 — Right to rectification. Correction of inaccurate or incomplete data.
  • Article 17 — Right to erasure (“right to be forgotten”). Deletion where one of the grounds in Art. 17(1) applies and no overriding legal-retention obligation intervenes.
  • Article 18 — Right to restriction of processing.
  • Article 20 — Right to data portability. Receipt of data in a structured, commonly used, machine-readable format.
  • Article 21 — Right to object to processing based on legitimate interest or carried out for direct marketing.
  • Article 77 — Right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.

To exercise any of these rights write to [email protected]. We respond within 30 days (extendable by a further two months where necessary under Art. 12(3)).

EU residents may also lodge a complaint with their national data-protection authority. The directory is published by the European Data Protection Board at edpb.europa.eu/about-edpb/about-edpb/members_en.

Subprocessors

We self-host the storefront, the e-commerce backend, the analytics platform, and our object storage. Only the following third parties process personal data on our behalf:

  • Resend (Delaware, USA) — transactional email delivery (order confirmations, shipping updates). EU SCCs in place.
  • Cloudflare (San Francisco, USA) — DNS, CDN, DDoS protection, and edge tunnel terminating to our origin. EU SCCs in place.
  • Card payment processor — disclosed at the payment step. PCI-DSS scope; we do not store card numbers.
  • BTCPay Server — self-hosted on our infrastructure for Bitcoin / Lightning settlement.

Database, file storage, and traffic analytics are all hosted on infrastructure we control directly; no third-party processor is involved for those.

Contact

Data-protection enquiries: [email protected].