Privacy Policy

1. Information We Collect

We collect the following categories of personal information:

Information You Provide

• Account information: name, email address, and password when you create an account.
• Order information: shipping address, billing address, and order details when you make a purchase.
• Research affiliation: institution name or laboratory information if requested for verification.
• Communications: messages you send to our support team.

Information Collected Automatically

• Device information: browser type, operating system, and device identifiers.
• Usage data: pages visited, time spent on pages, referring URLs, and click activity.
• IP address: used for fraud prevention and approximate geolocation.

2. How We Use Your Information

We use your personal information for the following purposes:

• Processing and fulfilling your orders.
• Managing your account and providing customer support.
• Verifying eligibility and research affiliation as required.
• Preventing fraud, unauthorized transactions, and chargebacks.
• Sending transactional emails (order confirmations, shipping updates, refund notifications).
• Improving our website, products, and services through analytics.
• Complying with legal obligations and regulatory requirements.

3. Payment Data Handling

NuStandard Labs is committed to payment data security. We maintain PCI DSS SAQ-A compliance, which means:

• We never store, process, or transmit raw credit card data. Card information is entered directly into secure, hosted payment fields provided by our payment processor. Your card details never touch our servers or client-side code.
• Payment processing is handled entirely by PCI-compliant third-party payment gateways.
• We retain only non-sensitive transaction references (order IDs, transaction statuses, last four digits of card number) for order management and dispute resolution.

4. Third-Party Sharing

We do not sell your personal information. We share data only with the following categories of service providers, and only to the extent necessary:

• Payment processors: to process your transactions securely.
• Shipping carriers: to fulfill and deliver your orders.
• Analytics providers: to understand website usage patterns (data is aggregated and anonymized where possible).
• Legal and regulatory authorities: when required by law, subpoena, or government request.

5. Cookies and Tracking

We use cookies and similar technologies for:

• Essential cookies: authentication, session management, and cart persistence. These are required for the site to function.
• Analytics cookies: understanding how visitors interact with our site to improve user experience.

We do not use advertising or behavioral tracking cookies. You can control cookie preferences through your browser settings. Disabling essential cookies may impair site functionality.

6. Data Retention

We retain your personal information as follows:

• Account data: retained for as long as your account is active, plus 30 days after deletion request.
• Order records: retained for 7 years for tax, legal, and dispute resolution purposes.
• Transaction references: retained for 7 years as required by financial regulations.
• Usage analytics: retained in aggregated, anonymized form indefinitely.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

All Users

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention requirements.

California Residents (CCPA)

• Right to know what personal information is collected, used, and shared.
• Right to delete personal information.
• Right to opt-out of the sale of personal information (we do not sell personal information).
• Right to non-discrimination for exercising your rights.

EU/EEA Residents (GDPR)

• Right to access, rectification, erasure, and data portability.
• Right to restrict or object to processing.
• Right to withdraw consent at any time.
• Right to lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at privacy@nustandard.com. We will respond within 30 days (or 45 days for complex requests, with notice).

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including encryption in transit (TLS/SSL), access controls, and regular security assessments. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. Children's Privacy

Our Platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we discover that we have collected data from a minor, we will promptly delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised “Last updated” date. Continued use of the Platform after changes constitutes acceptance of the revised policy.

11. Contact Us

For privacy-related questions or to exercise your rights: