Privacy Notice

1. Who we are

TITAN AMINO operates this site as a supplier of research-use-only reference compounds. References to "we", "us", and "our" mean TITAN AMINO. Our research desk can be reached at titanamino@yahoo.com for any question about this notice or about how your information is handled.

2. What this notice covers

This notice describes what personal information we collect when you browse the site, create an account, or place an order; the purposes we use that information for; the parties we share it with; how long we keep it; and the choices and rights you have over it. It does not cover any third-party site you reach from a link on our pages — review that site's own privacy notice before you submit information to it.

3. Information we collect

We collect only what we need to confirm eligibility, fulfill orders, prevent fraud, and respond to support requests:

• Identity and contact — name, email address, phone number, research institution or laboratory name where you provide one, billing and shipping addresses.
• Order data — cart contents, order total, the cryptocurrency network and wallet address used for payment, the order reference, and the dispatch and tracking record.
• Payment data — we do not collect or store credit card numbers, bank account information, or any other financial credentials on this site. Cryptocurrency is currently our only accepted payment method; for each order we record the order amount, the destination wallet, the inbound transaction reference, and the timestamp at which our research desk confirmed the on-chain payment.
• Account data — where you choose to register, your password is stored as a salted hash and your prior orders are kept against the account record.
• Technical data — IP address, user-agent string, referring URL, pages requested, and rough geolocation derived from the IP. These are collected automatically by the web server log.
• Compliance acknowledgments — a timestamped record of the age and research-use acknowledgment you make at the gate and at checkout, together with a hash of the policy version in effect at that moment.
• Voluntary communications — anything you choose to send the research desk by email or the contact form.

We do not collect sensitive personal information about health, biometric identifiers, religious or political belief, sexual orientation, or precise real-time geolocation, and we do not knowingly collect any information from anyone under 21 years of age.

4. How we use it

• To process orders, calculate shipping, generate Certificates of Analysis attached to the order, and arrange carrier dispatch.
• To verify eligibility — that the buyer is at least 21 and is purchasing reference compounds for in-vitro research.
• To detect, prevent, and respond to fraudulent orders, chargeback abuse, automated abuse, and shipping-restriction circumvention.
• To respond to support, return, and warranty inquiries.
• To meet our own legal obligations — including tax records, audit trails, payment-network requirements, and lawful requests from competent authorities.
• To improve the site and the catalog — using aggregated, non-identifying analytics where available.

We do not sell personal information. We do not share it for cross-context behavioral advertising. We do not feed customer data into advertising-network audience products.

5. Who we share it with

We share only the minimum data each recipient needs for the specific purpose listed:

• Payment processors — order amount, order reference, billing details for the selected method. The processor handles the card data on its own servers under its own privacy notice.
• Shipping carriers — recipient name, shipping address, parcel weight, and contact phone or email for delivery exceptions.
• Hosting and infrastructure providers — the platforms that host this site, the order database, and the email server we use to send order confirmations and dispatch notices. They process data on our behalf under written data-processing terms.
• Professional advisors — auditors, accountants, and legal counsel where engagement specifically requires it.
• Authorities — in response to a lawful, narrowly-scoped subpoena, court order, or other binding legal process. We notify the affected account holder where the requesting authority permits notice.
• A successor entity — in the event of a merger, acquisition, or substantially-all-assets transaction, where the successor agrees to honor this notice for the data transferred.

6. Cookies and similar technologies

We use a small set of first-party cookies for purposes that are strictly necessary for the site to function: a cart-and-session cookie issued by WooCommerce, an HMAC-signed age-gate acknowledgment cookie keyed to the current policy version, and a brief CSRF/nonce token for form submissions. We do not load third-party advertising or cross-site tracking cookies. Where the site reads or sets information from your browser's local storage — for example, to remember that you have dismissed the disclaimer banner — that storage is also first-party and used only for the specific interaction described.

7. How long we keep it

• Order records, tax records, and the compliance acknowledgment trail are retained for seven years after the order date, in line with U.S. tax and recordkeeping rules.
• Account credentials and contact details are retained while the account is active. Closing the account moves the data into an archive that we hold for the same seven-year window so an order can still be located if a regulator or processor asks about it.
• Web server logs are retained for ninety days and then aggregated.
• Inbound support email is retained for two years and then archived to write-once storage.

8. Your rights and choices

Depending on where you live, you have one or more of the following rights with respect to the personal information we hold about you. Send any of these requests to the research desk email below and we will respond within the timeframe required by the applicable law (typically 45 days under CCPA/CPRA and 30 days under GDPR):

• Access — a copy of the information we hold about you.
• Correction — fix something that is inaccurate or out of date.
• Deletion — remove information that is no longer needed for the purposes it was collected for, subject to the retention obligations above.
• Portability — receive a machine-readable export of the data you provided to us directly.
• Objection or restriction of processing — limit how we use a specific category of data, where applicable law allows it.
• No sale and no sharing for cross-context behavioral advertising — we do not engage in either, so no opt-out request is required, but you may still file one and we will confirm in writing.
• Complaint to a supervisory authority — if you believe we have mishandled your information, you may contact your local data-protection authority. EU/UK residents may contact the supervisory authority in their member state; California residents may contact the California Privacy Protection Agency.

We verify the identity of a request before acting on it so we do not release order history or account information to the wrong person. We do not discriminate against anyone for exercising these rights — pricing, product access, and service levels are unaffected.

9. Security

We take administrative, technical, and physical safeguards reasonably designed to protect personal information against loss, unauthorized access, disclosure, and alteration. These include TLS for every page on this domain, hashed-and-salted account passwords, HMAC-signed eligibility cookies, role-segregated administrative access, and offsite encrypted backups. No internet-facing system is invulnerable; if a breach occurs that materially affects you, we will notify the affected accounts in line with the applicable law.

10. Children

The site is not directed to anyone under 21. We do not knowingly collect personal information from anyone under 21. If we learn we hold such information, we delete it. If you believe we hold information about a minor, please contact the research desk so we can remove it.

11. Cross-border transfers

Our infrastructure providers are based in the United States. If you access the site from outside the United States, your information is transferred to and processed in the United States, which has data-protection rules that may differ from those of your home jurisdiction. Where required, the transfer is supported by standard contractual clauses with the receiving provider and by the additional safeguards described in this notice.

12. Changes to this notice

We may revise this notice as the law evolves and as the site changes. The revised version is effective when posted to this page, identified by the "Last updated" date above. Material changes are summarized at the top of the revised notice for thirty days after they take effect.

13. Contact

For any privacy-related question — to exercise a right, to make a complaint, or to ask how a specific piece of information is being used — write to titanamino@yahoo.com. We aim to acknowledge inbound mail within one business day and to respond substantively within the timeframes set out above.