Privacy Policy

Truth In Peptides (“TIP,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains what information we collect when you visit truthinpeptides.com, how we use it, and the choices you have. Truth In Peptides is operated by the same team that runs Onyx & Opal Health; see the Disclosures section of our About page for details on that relationship.

Information we collect

We collect only the information needed to operate the site:

• Information you give us. When you subscribe to our newsletter, submit the contact form, or submit a provider for our directory, we collect the name, email address, and any other information you choose to include in those forms.
• Automatically collected information. When you visit the site, our hosting provider and any analytics tools we use may automatically receive standard log data such as IP address, browser type, device type, referring page, and pages viewed. We use privacy-respecting analytics where possible and do not sell this data.
• Cookies. We do not set any tracking, advertising, retargeting, or cross-site cookies. Our analytics provider, Plausible Analytics, is cookie-free by design and does not store any information in your browser. The only cookies the Site may set are strictly essential cookies required for basic functionality (for example, remembering your preferred color theme). Because we do not use non-essential cookies, no cookie consent banner is required under GDPR, ePrivacy, or CCPA/CPRA; if we ever add non-essential cookies in the future we will add a consent mechanism before doing so.

What we do NOT collect

Truth In Peptides is a publication, not a clinic. We do not collect, store, or process protected health information (PHI) through this site. Do not send us medical records, lab results, prescription information, or descriptions of your personal health conditions through the contact form or email. If you are a patient of Onyx & Opal Health, all clinical communication must go through that practice's HIPAA-compliant patient portal, not through TIP.

How we use information

• To send you the newsletter you requested.
• To respond to messages you send us through the contact form.
• To review provider directory submissions against our published standards.
• To understand aggregate traffic patterns and improve the site.
• To comply with applicable law.

We do not sell your personal information. We do not share your email address with advertisers, affiliates, data brokers, or partners. We do not use your information to target you with ads on other platforms.

Third-party services

We use a limited set of third-party services to run the site. These providers receive only the information they need to perform their function and are contractually bound to protect your data:

• Beehiiv to deliver our email newsletter. See Beehiiv's Privacy Policy.
• Formspree to deliver contact form submissions. See Formspree's Privacy Policy.
• A hosting and content delivery provider to serve the site.
• Plausible Analytics for privacy-respecting, cookie-free aggregate analytics. Plausible anonymizes IP addresses and does not build individual user profiles. See Plausible's privacy documentation.

We do not share your information with Onyx & Opal Health or any other clinic, pharmacy, or provider listed in our directory.

GDPR: lawful basis (EU and UK residents)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal information on the following lawful bases under Article 6 of the GDPR:

• Consent (Art. 6(1)(a)): for newsletter subscriptions and any optional analytics cookies. You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Legitimate interests (Art. 6(1)(f)): for security monitoring, fraud prevention, essential site-functionality cookies, and responding to contact form inquiries. You may object to processing based on legitimate interest at any time.
• Legal obligation (Art. 6(1)(c)): where applicable, to comply with law.

You also have the right to lodge a complaint with your local data protection authority. We do not currently transfer personal information outside the EEA except through service providers that rely on Standard Contractual Clauses or other lawful transfer mechanisms.

CCPA/CPRA: California residents

If you are a California resident, you have the right, under the California Consumer Privacy Act (as amended by the CPRA), to: (1) know what personal information we collect and how we use it; (2) request access to or deletion of your personal information; (3) correct inaccurate personal information; (4) opt out of the “sale” or “sharing” of your personal information; and (5) limit the use of sensitive personal information.

We do not sell or share your personal information for cross-context behavioral advertising as those terms are defined by the CCPA/CPRA. We do not receive any consideration for your personal information. Because we do not sell or share personal information, a “Do Not Sell or Share My Personal Information” link is not operationally necessary; however, you may still contact us through our contact form to exercise any of the rights above. We will not discriminate against you for exercising your rights.

Data breach notification

In the event of a data breach involving your personal information, we will notify affected individuals without unreasonable delay, consistent with applicable state and federal breach-notification laws. Notices will describe the nature of the breach, the categories of information involved, and the steps we recommend to protect yourself.

Your rights

Depending on where you live, you may have rights under laws such as the EU General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA/CPRA), including the right to access, correct, delete, or export the personal information we hold about you, and the right to opt out of certain uses. To exercise these rights, email us at the address on our contact page. We will respond within the time frames required by applicable law. You can unsubscribe from our newsletter at any time using the unsubscribe link in any email.

Children's privacy

Truth In Peptides is not directed to children under 18. We do not knowingly collect personal information from minors. If you believe we have collected information from a child, contact us and we will delete it.

Data retention and security

We retain personal information only as long as needed to provide the service you requested or as required by law. We use reasonable administrative, technical, and physical safeguards to protect your information, but no system is perfectly secure.

Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent revision. Material changes will be announced on the site.

Contact

Questions about this Privacy Policy can be sent through our contact form.