What we collect.What we never will.

Local tracking data

Your peptides, vials, protocols, and dose logs live in your browser's IndexedDB or local app storage. They are not uploaded. Clearing browser storage for the site removes them entirely.

Reviews & community signals

Wallet-signed reviews, vendor bans, COA disputes, and adverse-event reports are stored in a shared Postgres database so the community can read them. They are anonymous by default — there is no email, no login. Connecting a wallet adds a Peprad-XXXX handle and signed authorship. Attached images are pinned to IPFS via Storacha; only the content hash is stored in the database.

Wallet data

When you connect a Solana wallet, pepra reads your public address and any $PEPRA balance to compute holder tier and vote weight. No private keys are touched, transmitted, or stored.

Telegram integration

Optional. If you opt in to Telegram dose reminders we store your Telegram chat ID tied to a randomly generated user ID. You can disconnect at any time from settings.

Analytics

pepra uses Vercel Analytics for anonymous traffic counts (pageviews, referrers, country-level geolocation). No tracker network. No ad SDKs. No fingerprinting. No cross-site profile.

No resale

We do not sell, rent, or share user data with third parties. Service providers (Vercel for hosting, Storacha for IPFS pinning, Telegram for the bot) only see what is strictly required to operate the feature.

Your rights

• Delete local data: clear browser storage.
• Disconnect Telegram: from settings.
• Disconnect wallet: from the header — pepra forgets your handle on disconnect.
• Export everything tied to your wallet: wallet-sign a request to POST /api/me/export — returns a JSON of your reviews, bans, disputes, AE reports, and vendor signer relationships.

Contact

Questions about how data is handled go to privacy@pepra.io or the DAO. Material policy changes are voted on, not pushed silently.