1. Introduction
OpenPep (“we,” “us,” or “our”) operates the OpenPep website (“Site”). This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you visit or use the Site.
By using the Site, you consent to the data practices described in this policy. If you do not agree, please discontinue use of the Site immediately.
2. Information We Collect
2.1 Information You Provide
- Account information: When you create an account, we collect your name, email address, and authentication credentials (managed by our third-party authentication provider, Clerk).
- Onboarding preferences: Research interests, experience level, and goals you provide during onboarding.
- User-generated content: Protocols, stacks, and calculator inputs you create using our tools.
- Communications: Any information you provide when contacting us for support or feedback.
2.2 Information Collected Automatically
- Device & browser data: IP address, browser type and version, operating system, device type, and screen resolution.
- Usage data: Pages visited, time spent on pages, referral sources, click patterns, and search queries within the Site.
- Cookies & local storage: We use cookies and local storage for essential site functionality (e.g., disclaimer acceptance, session management) and analytics. See Section 7 for details.
2.3 Information from Third Parties
We may receive limited information from third-party authentication providers (Clerk) when you sign in using social login or single sign-on, such as your name, email, and profile picture.
3. How We Use Your Information
We use the collected information to:
- Provide, maintain, and improve the Site and its features
- Personalize your experience (e.g., showing relevant peptide categories based on your interests)
- Process and maintain your account
- Send essential communications (account verification, security alerts, service updates)
- Analyze usage patterns to improve Site performance and content
- Detect, prevent, and address technical issues or abuse
- Comply with legal obligations
We do not sell your personal information. We do not use your health research interests or browsing patterns to target advertising.
4. Data Sharing & Disclosure
We may share your information only in the following circumstances:
- Service providers: We use third-party services to operate the Site (e.g., Clerk for authentication, Vercel for hosting, analytics providers). These providers access data only as necessary to perform their services and are contractually obligated to protect it.
- Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
- Safety & rights protection: We may disclose information to protect the rights, property, or safety of OpenPep, our users, or the public.
- Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
- With your consent: We may share information for other purposes with your explicit consent.
5. Data Retention
We retain your personal information for as long as your account is active or as needed to provide you services. We may retain certain information as required by law, to resolve disputes, enforce agreements, or for legitimate business purposes.
You may request deletion of your account and associated data at any time by contacting us at privacy@openpep.com. We will process deletion requests within 30 days, subject to legal retention requirements.
6. Data Security
We implement industry-standard technical and organizational measures to protect your personal information, including:
- Encryption of data in transit (TLS/HTTPS) and at rest
- Secure authentication through our third-party provider (Clerk)
- Regular security assessments and monitoring
- Access controls limiting employee access to personal data
However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.
7. Cookies & Tracking Technologies
We use the following types of cookies and similar technologies:
- Essential cookies: Required for Site functionality, including authentication sessions, disclaimer acceptance state, and security tokens. These cannot be disabled.
- Analytics cookies: Help us understand how visitors interact with the Site. We use privacy-friendly, first-party analytics that do not track users across sites.
We do not use advertising cookies or cross-site tracking technologies. We do not participate in ad networks or retargeting programs.
8. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data, subject to legal retention obligations.
- Portability: Request your data in a structured, commonly used, machine-readable format.
- Objection: Object to processing of your data for certain purposes.
- Withdrawal of consent: Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, contact us at privacy@openpep.com. We will respond within 30 days.
9. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information is being collected about you
- Know whether your personal information is sold or disclosed
- Say no to the sale of personal information
- Access your personal information
- Request deletion of your personal information
- Not be discriminated against for exercising your privacy rights
We do not sell personal information as defined by the CCPA. We do not have actual knowledge that we sell or share the personal information of consumers under 16 years of age.
10. International Users & GDPR
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your data under the following legal bases:
- Consent: For optional analytics and non-essential data processing.
- Contract performance: To provide the services you have requested (account features, tools).
- Legitimate interests: To improve and secure the Site, provided these interests are not overridden by your rights.
- Legal obligation: To comply with applicable laws.
Your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international data transfers.
11. Children's Privacy
The Site is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected data from a child under 18, we will take steps to delete it promptly. If you believe a child has provided us with personal information, please contact us at privacy@openpep.com.
12. Do Not Track Signals
We honor Do Not Track (DNT) browser signals. When we detect a DNT signal, we disable non-essential analytics tracking for that session.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised “Last updated” date. For significant changes, we may also notify you through a banner on the Site or via email.
Your continued use of the Site after any changes constitutes acceptance of the updated policy.
14. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:
Email: privacy@openpep.com