Skip to main content
UKPeptideReviews

Privacy Policy

Last Updated: January 2026

1. Introduction

Kola Solutions Limited ("we," "us," or "our") operates UKPeptideReviews.co.uk (the "Platform"). This Privacy Policy explains how we collect, use, store, and protect your personal information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller: Kola Solutions Limited
Contact: privacy@ukpeptidereviews.co.uk

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, username, and authentication credentials
  • Review Content: Reviews, ratings, comments, and optional images you submit
  • Supplier Claims: Business email, business name, and verification documents (for supplier accounts)
  • Communications: Messages sent through contact forms or support channels

2.2 Automatically Collected Information

  • Usage Data: Pages viewed, features used, time spent on Platform
  • Device Information: Browser type, operating system, IP address
  • Cookies: Session cookies for authentication and functionality (see Section 7)

3. How We Use Your Information

We use your personal information for the following purposes under lawful bases:

3.1 Contractual Necessity

  • Providing Platform services and features
  • Processing and displaying reviews
  • Managing user and supplier accounts
  • Authenticating users via magic link

3.2 Legitimate Interests

  • Detecting and preventing fraud, abuse, and fake reviews
  • Improving Platform functionality and user experience
  • Analysing usage patterns and trends
  • Communicating Platform updates and important notices

3.3 Legal Compliance

  • Responding to legal requests and court orders
  • Enforcing our Terms of Service
  • Protecting rights, safety, and property

4. Information Sharing & Disclosure

We do not sell your personal information. We may share information in the following circumstances:

4.1 Public Information

Your username and review content are publicly visible on the Platform. Your email address is never displayed publicly.

4.2 Service Providers

We use third-party service providers who process data on our behalf:

  • Supabase: Database hosting, authentication, and file storage (EU servers)
  • Vercel: Platform hosting and deployment (EU/UK regions)
  • Cloudflare: CDN, DNS, and DDoS protection

All service providers are contractually obligated to protect your data and comply with GDPR.

4.3 Legal Requirements

We may disclose information if required by law, court order, or to protect our legal rights.

5. Data Retention

We retain your personal information for as long as necessary to provide services and comply with legal obligations:

  • Account Data: Retained until you delete your account, plus 30 days for backup purposes
  • Reviews: Retained indefinitely to maintain Platform integrity, unless you delete them (within 48 hours of posting)
  • Analytics Data: Aggregated and anonymized after 12 months
  • Legal Records: Retained for 6 years as required by UK law

6. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (subject to legal obligations)
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at privacy@ukpeptidereviews.co.uk. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

7. Cookies & Tracking

We use essential cookies for Platform functionality:

  • Authentication Cookies: Keep you logged in (session-based)
  • Security Cookies: Prevent fraud and abuse

We do not use advertising or tracking cookies. You can disable cookies in your browser settings, but this may limit Platform functionality.

8. Data Security

We implement appropriate technical and organisational measures to protect your data:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure database hosting with access controls
  • Regular security audits and updates
  • Password hashing and secure authentication

While we take reasonable precautions, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials.

9. International Data Transfers

Your data is primarily stored on servers within the EU/UK. If data is transferred outside the UK/EU, we ensure adequate safeguards are in place (e.g., Standard Contractual Clauses, adequacy decisions).

10. Children's Privacy

The Platform is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided personal data, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or Platform notice. Continued use of the Platform after changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related questions or to exercise your rights:

Kola Solutions Limited
Email: privacy@ukpeptidereviews.co.uk
Data Protection Officer: privacy@ukpeptidereviews.co.uk