How We Protect Your Information
Effective: April 14, 2026
GigaCompounds respects your privacy and is committed to handling personal information responsibly and transparently. This Privacy Policy describes the personal information we collect, the purposes for which we use it, how we protect it, and your rights regarding that information.
This policy applies to all visitors to gigacompounds.com and to individuals who interact with our services, including placing orders, contacting support, or subscribing to communications.
Information You Actively Provide:
Information Collected Automatically:
We process personal information for the following business purposes:
We do not sell or rent personal information, nor do we share it with third parties for their independent marketing purposes.
We may share personal information:
Our website and primary operations are based in the United States. If you access the site from outside the U.S., your information will be transferred to and processed in the United States. By using our services, you consent to this transfer.
We use cookies, web beacons, and similar technologies to:
You may manage cookie preferences through your browser settings. Disabling certain cookies may limit or prevent access to some features of the website.
We retain personal information only for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations (including tax, accounting, and record-keeping requirements), resolve disputes, and enforce our agreements.
We employ administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. However, no internet-based system can be guaranteed 100% secure. You are responsible for maintaining the confidentiality of your account credentials and for using secure networks when accessing our services.
Subject to applicable law, you may have the right to:
To exercise these rights, please send a verifiable request to support@gigacompounds.com. We will respond within the time frame required by applicable law and may require identity verification for security purposes.
Our website and services are directed solely to individuals who are at least 21 years of age. We do not knowingly collect personal information from individuals under 21. If we become aware that we have collected information from someone under 21, we will promptly delete it.
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources, our business or commercial purposes for collection, and the categories of third parties with whom we share it.
Right to Delete: You may request deletion of personal information we have collected from you, subject to certain exceptions (such as legal obligations or completing a transaction).
Right to Opt-Out of Sale: We do not sell your personal information to third parties. You do not need to opt out, but you have this right.
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights. We will not deny goods or services, charge different prices, or provide a different level of quality because you exercised your rights.
How to Submit a Request: Send a verifiable consumer request to support@gigacompounds.com with the subject line "California Privacy Request." We will respond within 45 days as required by law. We may require identity verification before processing your request.
Authorized Agent: You may designate an authorized agent to make a request on your behalf by providing written authorization.
To protect our customers, payment processors, and business from fraud, chargeback abuse, account takeovers, and automated attacks, we operate an automated risk-scoring system that processes the following categories of information for each visit and transaction:
Device & network signals: IP address, autonomous system number (ASN), approximate geographic location (country/city/time zone from IP), TLS connection fingerprint, HTTP/2 protocol fingerprint, browser user agent, client-hint headers, screen resolution, color depth, timezone, installed fonts, hardware concurrency, GPU capabilities (via WebGL/WebGPU), audio processing fingerprint, canvas rendering fingerprint, and platform/OS identifiers. These signals are combined into a pseudonymous device identifier that lets us recognize return visits and suspected repeat abuse.
Identity & payment signals: Email address risk factors (presence in public breach corpora via privacy-preserving k-anonymity lookup, disposable / forwarded-alias classification), shipping / billing / IP country consistency, and automated fraud scores returned by our payment processor.
Behavioral signals: Page-navigation patterns, request timing distributions, and (outside Illinois and Texas — see below) coarse-grained interaction telemetry such as mouse movement entropy, keystroke timing, scroll and paste activity on forms. This data is sampled, aggregated, and used solely to distinguish automated traffic and coordinated abuse from human customers. It is not used to identify you outside the fraud-prevention context and is never shared for advertising.
Legal basis: Processing is based on our legitimate interest in preventing fraud, securing our services, and complying with payment-network rules (GDPR Art. 6(1)(f) for EU visitors), on the necessity of performing a contract you have entered into or requested (Art. 6(1)(b)), and on our obligation to prevent, detect, and prosecute illegal activity where applicable.
Third-party fraud data sources we consult: AbuseIPDB (IP abuse-report reputation), MaxMind GeoLite2 (country / ASN geolocation), and publicly maintained abuse lists (Spamhaus DROP, FireHOL, Tor exit-node list). We do not send your plaintext email or any payment details to these services.
Automated decisions and your rights: Our risk system may automatically decline a transaction, require additional verification (including 3-D Secure), or close an account that is scored as high-risk. If an automated decision significantly affects you, you have the right to:
To exercise these rights, email support@gigacompounds.com with your order reference number. We will respond within 30 days.
Biometric-adjacent behavioral data — Illinois and Texas residents: We do not collect mouse-movement or keystroke-timing telemetry from visitors whose IP address indicates an Illinois or Texas location, in order to comply with the Illinois Biometric Information Privacy Act (BIPA) and the Texas Capture or Use of Biometric Identifier Act (CUBI). Server-side signals (IP, device fingerprint, payment-processor risk scores) continue to apply so fraud prevention remains effective in those states.
Retention: Device fingerprints, IP-reputation data, and behavioral signals are retained for 6 months for normal sessions. For accounts or identifiers that have been associated with confirmed fraud, chargebacks, or policy violations, the related evidence is retained indefinitely for legitimate-interest fraud-defense purposes, as permitted under GDPR Article 17(3)(b) and (e).
All products offered by GigaCompounds are sold strictly for lawful laboratory, scientific, and research use only.
They are not approved for human consumption, medical treatment, therapeutic use, or any form of ingestion or injection.
By placing an order or accessing our site, you represent and warrant that you are purchasing solely for authorized research purposes and that you will comply with all applicable federal, state, and local laws and regulations.
We may modify this Privacy Policy from time to time. The updated version will be posted on this page with a revised effective date. Continued use of our website or services after changes are posted constitutes acceptance of the revised policy.
Questions? Email us at support@gigacompounds.com. We typically respond within 1 business day.
