Privacy Policy

Rilexon, LLC is a South Carolina limited liability company that manufactures and distributes Research Use Only (RUO) peptide compounds exclusively to qualified scientific researchers and institutions. We are the data controller for personal information collected through our Services.

Data Controller Contact:
Rilexon, LLC
Myrtle Beach, SC 29579
Email: info@rilexon.com
Website: www.rilexon.com

For all privacy inquiries, rights requests, or data-related concerns, please email us at info@rilexon.com with the subject line "Privacy Request." We respond within 30 days.

We collect personal information in the following categories:

2.1 Information You Provide Directly

• Full legal name and title
• Institution or business name and professional affiliation
• Business email address and telephone number
• Mobile phone number (for SMS communications, where opted in)
• Billing address and shipping address
• Payment information (processed exclusively through PCI DSS-compliant third-party processors; we never store, transmit, or retain full card numbers or CVV codes)
• Account login credentials (username and cryptographically hashed password)
• Research credentials, licenses, or institution documentation submitted for order verification
• Correspondence you initiate with us, including support tickets, inquiries, and feedback
• Survey responses and product reviews submitted voluntarily

2.2 Information Collected Automatically

• Internet Protocol (IP) address and derived approximate geolocation (country/state level)
• Browser type, version, operating system, and device type
• Unique device identifiers and mobile advertising IDs
• Pages viewed, links clicked, session duration, and navigation path (clickstream data)
• Referring and exit URLs
• Cookie identifiers, pixel tags, web beacons, and similar tracking technologies
• Timestamps and frequency of visits

2.3 Information from Third Parties

• Payment verification data and fraud risk scores from payment processors and fraud detection services
• Identity verification results from KYC (Know Your Customer) compliance providers
• Analytics data from platforms such as Google Analytics
• Publicly available records used to verify institutional affiliations
• Information from advertising partners where applicable and with your consent

2.4 Sensitive Information

We do not intentionally collect sensitive personal information such as government-issued identification numbers, medical records, financial account numbers (beyond tokenized payment references), racial or ethnic origin, or political opinions. If submission of such information is required for compliance or verification purposes, we will obtain your explicit consent and implement enhanced safeguards.

We process your personal information under the following legal bases, as applicable:

• Contract Performance: To process and fulfill your orders, manage your account, and provide customer support.
• Legal Obligation: To comply with federal and state laws, including export control regulations, the Controlled Substances Act, AML/KYC obligations, tax recordkeeping requirements, and regulatory reporting.
• Legitimate Interests: For fraud prevention, network security, internal analytics, and business operations, balanced against your privacy rights.
• Consent: For marketing communications, non-essential cookies, and any processing for which we explicitly seek your agreement. You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Vital Interests or Public Task: In rare circumstances where processing is necessary to protect life or comply with a lawful public authority request.

4.1 Order Fulfillment and Account Services

• Processing, fulfilling, and shipping orders
• Creating, authenticating, and maintaining customer accounts
• Sending order confirmations, shipping notifications, and delivery updates
• Processing returns, refunds, and account credits
• Providing customer support, resolving disputes, and responding to inquiries

4.2 Regulatory Compliance and Eligibility Verification

• Verifying that purchasers are qualified researchers or institutions authorized to possess and use research compounds
• Complying with the Federal Food, Drug, and Cosmetic Act; the Controlled Substances Act; DEA regulations; export control laws including EAR/OFAC; and all applicable South Carolina regulations
• Screening orders against sanctions lists and denied-party lists
• Retaining records as required by federal and state law
• Responding to lawful requests from regulatory authorities, law enforcement, or courts

4.3 Payment Processing and Financial Compliance

• Facilitating secure transactions through our PCI DSS-compliant payment processors
• Detecting, investigating, and preventing fraudulent transactions, chargebacks, and unauthorized purchases
• Maintaining transaction audit trails as required by our merchant service agreements and financial regulations
• Complying with anti-money laundering (AML) obligations

4.4 Communications

• Sending transactional messages required to operate our Services
• Sending marketing emails, promotions, and newsletters to customers who have opted in
• Responding to customer inquiries and feedback
• Notifying you of updates to our policies, terms, or services

4.5 Security, Fraud Prevention, and Compliance

• Monitoring for unauthorized access, suspicious activity, and security incidents
• Enforcing our Terms and Conditions, Acceptable Use Policy, and other agreements
• Conducting internal audits, risk assessments, and compliance reviews

4.6 Analytics and Improvement

• Analyzing website traffic patterns and user behavior to improve functionality
• Conducting research to develop new products and improve existing offerings
• Testing website features and optimizing the customer experience

4.7 SMS / Text Message Communications

If you opt in to the Rilexon SMS Program, we collect and process your mobile phone number, your consent record (including timestamp, IP address, and opt-in source), and message delivery metadata (delivery status, engagement, opt-out timestamps). We use this information solely to send transactional messages (such as order and shipping notifications) and, where you have separately consented, marketing messages.

Mobile phone numbers and SMS consent data are shared only with our SMS service provider (acting as a data processor on our behalf) and with mobile carriers for the purpose of message delivery. We do not sell, rent, or share your mobile number or SMS opt-in data with any third party for their own marketing purposes. Mobile opt-in consent data is never shared with third parties under any circumstance.

You may opt out at any time by replying "STOP" to any message you receive. Opting out of SMS does not affect your ability to receive email communications or transactional notifications through other channels.

The security of payment information is a top priority for Rilexon, LLC. We do not directly collect, store, process, or transmit full payment card numbers, CVV codes, or bank account details. All payment transactions are handled exclusively by third-party payment processors that maintain PCI DSS Level 1 compliance certification.

When you submit payment information, it is transmitted directly and securely to our payment processor via Transport Layer Security (TLS) encryption with a minimum of TLS 1.2. We receive only a payment token — a randomized identifier — that references your payment method without exposing underlying card data. This token cannot be reverse-engineered.

Our merchant accounts are maintained in compliance with card network rules (Visa, Mastercard, American Express, Discover) and our acquiring bank requirements.

IMPORTANT: We will NEVER ask you for your full card number, CVV, or banking credentials via email, telephone, or live chat. If you receive such a request claiming to be from Rilexon, it is fraudulent — please report it to us immediately at info@rilexon.com.

We use cookies and similar technologies to operate and enhance our Services:

• Strictly Necessary Cookies: Essential for site functionality, including session management, shopping cart persistence, and security features.
• Performance and Analytics Cookies: Collect aggregated, anonymized data about how visitors use our website.
• Functional Cookies: Remember your preferences, language settings, and personalization choices.
• Marketing and Targeting Cookies: Used to deliver relevant content and, where applicable, targeted advertising. Deployed only with your prior consent.

You may manage cookie preferences through our cookie consent banner or your browser settings. Disabling certain cookies may limit site functionality.

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. Disclosure is limited to the following circumstances:

7.1 Service Providers (Processors)

• Payment processors and fraud detection services
• Shipping carriers and logistics providers
• Cloud hosting and infrastructure providers
• Email delivery and marketing automation platforms
• SMS messaging service providers
• Analytics and performance monitoring services
• Identity verification and KYC compliance providers
• Customer relationship management (CRM) software providers

7.2 Legal and Regulatory Requirements

We may disclose your information when required by law, court order, subpoena, regulatory investigation, or lawful governmental request — including to the U.S. Drug Enforcement Administration (DEA), the U.S. Food and Drug Administration (FDA), U.S. Customs and Border Protection, OFAC, or other federal, state, or international regulatory bodies.

7.3 Protection of Rights and Safety

We may share information where necessary to enforce our policies; protect the rights, property, or safety of Rilexon, our employees, customers, or the public; prevent or detect fraud, cyberattacks, or illegal activity; or satisfy applicable legal obligations.

7.4 Business Transactions

In connection with a merger, acquisition, reorganization, asset sale, or bankruptcy, your information may be transferred as part of that transaction.

7.5 With Your Consent

We may share your information for any other purpose with your explicit prior consent.

We retain personal information only for as long as necessary to fulfill the purposes outlined in this Policy, or as required or permitted by law:

• Order, transaction, and payment records: Seven (7) years minimum
• Account profile information: Duration of account relationship, plus three (3) years following closure
• Customer service records and correspondence: Three (3) years
• Marketing preferences and consent records: Until opt-out plus two (2) years
• SMS opt-in consent records: Until opt-out plus four (4) years for TCPA compliance
• Fraud detection and security logs: Up to seven (7) years
• Regulatory compliance and verification records: As required by applicable law

Upon expiration of applicable retention periods, we securely delete or anonymize personal information using industry-standard data disposal methods.

Rilexon, LLC implements a comprehensive information security program incorporating administrative, technical, and physical safeguards designed to protect your personal information.

• SSL/TLS encryption (minimum TLS 1.2) for all data in transit
• AES-256 encryption for sensitive data stored at rest
• Role-based access controls limiting employee access to personal data
• Multi-factor authentication (MFA) for internal systems
• Regular vulnerability assessments, penetration testing, and security audits
• Comprehensive employee privacy and security training
• Written incident response and data breach notification procedures
• Physical security controls at facilities where data is stored or processed

Despite these measures, no electronic transmission or storage system is completely invulnerable. In the event of a data breach that affects your rights or freedoms, we will notify affected individuals and relevant authorities as required by applicable law.

10.1 Rights Available to All Customers

• Right to Access: Request a copy of the personal information we hold about you.
• Right to Correction: Request correction of inaccurate, incomplete, or outdated information.
• Right to Deletion: Request deletion of your personal information, subject to legal retention obligations.
• Right to Withdraw Consent: Withdraw consent for marketing or optional processing at any time.
• Right to Opt-Out of Marketing: Unsubscribe from marketing emails at any time, or reply "STOP" to SMS messages.

10.2 South Carolina (SCDPA)

South Carolina residents have rights under the South Carolina Data Privacy Act, including the right to access, correct, delete, and obtain a portable copy of your personal data, as well as the right to opt out of targeted advertising and the sale of personal data. We do not sell personal data.

10.3 California Residents (CCPA/CPRA)

• The right to know the categories and specific pieces of personal information we have collected, used, disclosed, and sold
• The right to opt out of the sale or sharing of personal information (we do not sell personal information)
• The right to limit the use of sensitive personal information
• The right to non-discrimination for exercising CCPA/CPRA rights
• The right to correct inaccurate personal information

10.4 EEA, United Kingdom, and Switzerland (GDPR / UK GDPR)

If you are located in the EEA, UK, or Switzerland, you have rights under the GDPR, including access, rectification, erasure, restriction of processing, data portability, and objection to processing. You also have the right to lodge a complaint with your relevant data protection supervisory authority.

10.5 Submitting a Request

To exercise any of these rights, contact us at info@rilexon.com with the subject line "Privacy Rights Request." We will respond within thirty (30) days. We may need to verify your identity before processing your request.

Our Services are not directed to individuals under the age of eighteen (18). We do not knowingly collect, solicit, or store personal information from minors. If you are under 18, you must not use our Services. If we discover that we have inadvertently collected information from a person under 18, we will delete it promptly.

Our Services are operated from the United States. If you access our Services from outside the United States, your personal information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your country of residence.

For transfers from the European Economic Area or United Kingdom, we rely on applicable transfer mechanisms, including Standard Contractual Clauses (SCCs) adopted by the European Commission.

Our website may contain links to third-party websites, payment portals, or shipping provider tracking pages. This Privacy Policy does not apply to those external sites. We encourage you to review their privacy policies before submitting any personal information.

Some browsers transmit "Do Not Track" (DNT) signals. Our website does not currently respond to DNT signals, as there is no established industry standard for their interpretation. We will update this Policy if a recognized standard is adopted.

We reserve the right to update or modify this Policy at any time. Material changes will be communicated by posting an updated version on our website with a revised effective date, and — where appropriate — by sending you an email notice. Your continued use of our Services after the effective date of any modification constitutes acceptance of the updated Policy.

For privacy inquiries, rights requests, data complaints, or to report a suspected data breach:

Rilexon, LLC
Myrtle Beach, SC 29579
Email: info@rilexon.com
Website: www.rilexon.com

Please reference "Privacy Policy" or "Privacy Request" in your subject line. If you believe we have not adequately addressed your concerns, you have the right to contact your state data protection authority.