CompoundTalk — the #1 independent GLP-1 & peptide community
FAQ | Rules | Members | Mark Forums Read
Log In
Home Legal Privacy Policy

Privacy Policy

Effective Date: January 1, 2024 — Last Revised: February 15, 2026

CompoundTalk ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services (collectively, the "Services"). Please read this policy carefully. By using the Services, you consent to the practices described herein.

1. Information We Collect

1.1 Information You Provide Directly

  • Account Registration: Username, email address, password (stored in hashed form), date of birth (to verify age eligibility), and optional profile information (biography, location, avatar).
  • Forum Posts & Messages: Content you post in public forums, private messages to other users, and any files or images you upload.
  • Contact Forms: Name, email address, and message content when you contact us directly.
  • Surveys & Feedback: Responses to voluntary surveys, polls, or feedback requests.

1.2 Information Collected Automatically

  • Device & Browser Information: IP address, browser type and version, operating system, device type, screen resolution, and language preferences.
  • Usage Data: Pages visited, time spent on pages, clickstream data, search queries, referring/exit pages, and timestamps.
  • Cookies & Similar Technologies: We use cookies, web beacons, and similar tracking technologies as described in our Cookie Policy.
  • Log Files: Server logs that record access requests, including IP addresses, timestamps, and requested URLs.

1.3 Information from Third Parties

  • Social Login: If you register or log in using a third-party service (e.g., Google, Apple), we receive basic profile information from that service as authorized by you.
  • Analytics Providers: Aggregated analytics data from services such as Google Analytics and Cloudflare.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and maintain the Services: Operate the forum, deliver content, manage accounts, and process user interactions.
  • Personalization: Customize your experience, including content recommendations and notification preferences.
  • Communication: Send account-related notifications, respond to inquiries, and (with your consent) send newsletters or updates about the Services.
  • Safety & Security: Detect and prevent fraud, spam, abuse, and security incidents. Enforce our Terms of Service and content guidelines.
  • Analytics & Improvement: Analyze usage patterns to improve the Services, develop new features, and optimize performance.
  • Legal Compliance: Comply with applicable laws, regulations, legal processes, or governmental requests.
  • Advertising: Display relevant advertising (see Section 4 below).

3. How We Share Your Information

We do not sell your personal information. We may share information in the following limited circumstances:

  • Public Forum Posts: Content you post in public forums is visible to all visitors and may be indexed by search engines.
  • Service Providers: We share information with trusted third-party service providers who assist us in operating the Services (hosting, email delivery, analytics, content moderation). These providers are contractually obligated to protect your information and use it only for the purposes we specify.
  • Advertising Partners: We may share aggregated, non-personally identifiable information with advertising partners. We do not share your email address, real name, or private messages with advertisers.
  • Legal Requirements: We may disclose information if required by law, subpoena, court order, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change.
  • With Your Consent: We may share information in other circumstances with your explicit consent.

4. Cookies & Tracking Technologies

We use cookies and similar technologies to provide, protect, and improve our Services. For detailed information about the types of cookies we use, their purposes, and how to manage your preferences, please see our Cookie Policy.

5. Data Retention

  • Account Data: Retained for as long as your account is active. Upon account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention).
  • Forum Posts: Public forum posts may be retained after account deletion in anonymized form (username replaced with "Deleted User") to preserve thread integrity.
  • Server Logs: Retained for up to 90 days for security and debugging purposes, then deleted or aggregated.
  • Backup Systems: Data in backup systems may persist for up to 180 days before being overwritten.

6. Data Security

We implement industry-standard technical and organizational measures to protect your personal information, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Password hashing using bcrypt with salt
  • Regular security audits and vulnerability assessments
  • Access controls limiting employee access to personal data on a need-to-know basis
  • DDoS protection and web application firewall (WAF)

Despite these measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

7.1 All Users

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal data.
  • Deletion: Request deletion of your account and associated personal data.
  • Data Portability: Request your data in a structured, machine-readable format.
  • Opt-Out: Unsubscribe from marketing communications at any time via the unsubscribe link in emails or your account settings.

7.2 European Economic Area (EEA) Residents — GDPR

If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to restrict processing of your personal data
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time (without affecting the lawfulness of processing before withdrawal)
  • Right to lodge a complaint with your local supervisory authority

Legal Basis for Processing: We process your data based on: (a) your consent, (b) contractual necessity (to provide the Services), (c) legitimate interests (security, improvement, analytics), and (d) legal obligations.

7.3 California Residents — CCPA/CPRA

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  • Right to know what personal information we collect, use, disclose, and sell
  • Right to delete personal information
  • Right to opt out of the sale or sharing of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights
  • Right to correct inaccurate personal information
  • Right to limit use of sensitive personal information

To exercise any of these rights, contact us at privacy@compoundtalk.com. We will respond within 45 days.

8. International Data Transfers

Our servers are located in the United States. If you access the Services from outside the United States, your information may be transferred to, stored, and processed in the United States. We ensure appropriate safeguards for international data transfers through Standard Contractual Clauses (SCCs) or other approved mechanisms.

9. Children's Privacy

The Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information promptly.

10. Third-Party Links

The Services may contain links to third-party websites, products, or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party site you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on the Services and/or by sending you an email. The "Last Revised" date at the top of this policy indicates when it was last updated. Your continued use of the Services after changes become effective constitutes acceptance of the revised policy.

12. Contact Us

CompoundTalk Privacy Team

Email: privacy@compoundtalk.com

For data access, correction, or deletion requests: privacy@compoundtalk.com

For GDPR-specific inquiries: gdpr@compoundtalk.com

Response time: Within 30 days of receipt