Medications & Essentials Delivered Swiftly

Policies

Privacy policy

1. Introduction


1.1 Purpose of this Policy.  This Privacy Policy (“Policy”) of Medications & Essentials Delivered Swiftly Inc. d/b/a MEDS, a New York business corporation (“our,” “us,” or “we”), applies to each one of our pharmacy customers, website visitors and mobile app users (“you” or “your”).  This Policy describes how we collect, use, and share your Personal Information (defined in Section 2.1), including health information.  This Policy also describes your options to control and set preferences for the collection, use and sharing of your Personal Information.  


1.2 About Us.  We are a pharmacy selling prescription-based medications and over-the-counter products. Through our website (https://medsrx.com/) and related mobile application, we enable our customers to order and manage their purchases and track deliveries for customers within our service territory.  For your medication, we will coordinate with you and your health care provider to manage your refill requests.  


1.3 Minimum Age Requirement.  Individuals under eighteen (18) years of age cannot use our services or access any of our Infrastructure except that customers under 18 years of age may purchase over-the-counter products when physically present in our brick-and-mortar stores in accordance with our store policies and applicable law.


1.4 Our Third Party Associates.  We rely on our relationships with various Associates (defined below) to conduct our business.  In this Policy, “Associates” will mean third parties with whom we conduct business for our business purposes, including: 

(a) any affiliates that control us, that we control, or that are under common control with us, such as our parents, subsidiaries and sister entities;  

(b) any third parties to whom we provide products, services or data, such as collaborators, advertisers and marketing agencies; 

(c) any health care providers to provide certain services you have requested, including those related to your health care; 

(d) any health plans to allow us to receive reimbursement for your prescription purchases; and 

(e) service providers and business partners who have been engaged to allow us to provide services to you or perform business functions on our behalf, such as customer support providers, credit card and payment processors, order fulfillment providers, market and data analyzers, product developers, website hosts, providers of communication systems (such as phone, text and email systems), providers of information technology systems (such as databases and data servers), online platform providers, information technology consultants, business advisors, auditors, accountants and attorneys.  


1.5 Our Infrastructure.  We may use our Infrastructure (defined below) to collect your Personal Information.  In this Policy, “Infrastructure” will mean the resources used by us or our Associates to receive or collect information, including the following resources: 

(a) https://medsrx.com/; 

(b) the mobile app named, Meds rx Pharmacy Delivered (“App”), which is downloadable at the App Store™ controlled by Apple Inc., the Google Play™ store controlled by Google LLC, or any other app marketplace where we make such app available;

(c) any other websites, ecommerce stores, servers, online portals, products, web portals, mobile applications and electronic user interfaces; 

(d) social media pages, email messages, text messages and direct messages; 

(e) phones, computers, web cameras and other communication devices operable to receive your written, text, oral, telephonic and video communications;

(f) real time communications with our representatives, including interviews, discussions, conversations and conferences via in-person interaction or video, phone or other means; 

(g) any brick-and-mortar facilities (such as stores) as well as any cameras, beacons, sensors and other tracking equipment located at such facilities; 

(h) any means for personal interaction or observation, such as the collection of survey results from you when you are located at such facilities; and 

(i) surveys, forms and other materials used to document your answers, feedback or behavior at such facilities.  


1.6 Mobile App Privacy.  This Policy applies to Personal Information we receive through all parts of our Infrastructure.  If we receive Personal Information through a mobile app that we own or operate, the related end user license agreement (if any) or screens or content in the applicable app marketplace (e.g., App Store™ or the Google Play™ store) may provide notices about how the app collects and uses such Personal Information.  If the app collects and sends Personal Information to others, such notices may describe that process as well.  Therefore, to fully understand the privacy of any Personal Information collected by any of our mobile apps, please review such notices as well as this Policy.  


1.7 Set of Online Documents.  This Policy includes and incorporates our set of online documents, including our Terms of Use and HIPAA Notice of Privacy Practices, and Cookie Policy.  Our Terms of Use include and incorporate this Policy.  Certain health information that we collect may be considered “protected health information” or “PHI” as defined under the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”). You should review our HIPAA Notice of Privacy Practices, which governs our use and disclosure of PHI. 


2. Meaning of Personal Information


2.1 Personal Information.  In this Policy, “Personal Information” will mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household.  


2.2 Deidentified Information and Aggregate Consumer Information.  Deidentified Information (defined below) and Aggregate Consumer Information (defined below) are not Personal Information.  We may create Deidentified Information and Aggregate Consumer Information by removing identifiers from your Personal Information and satisfying the other requirements of applicable law.  


2.3 In this Policy, “Deidentified Information” will mean information that cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to you, provided that the user of the deidentified information: 

(a) has implemented technical safeguards that prohibit reidentification of you; 

(b) has implemented business processes that specifically prohibit reidentification of the information; 

(c) has implemented business processes to prevent inadvertent release of deidentified information; and

(d) makes no attempt to reidentify the information.


2.4 In this Policy, “Aggregate Consumer Information” will mean information that relates to a group or category of consumers, from which individual consumer identities have been removed, that is not linked or reasonably linkable to any consumer or household, including via a device. 


3. No Sale of Your Personal Information


3.1 We do not, and will not, sell any of your Personal Information.  


3.2 When companies perform market research for their products and services, they often rely on data that describes the shopping and buying activities of a consumer population.  In exchange for supplying Deidentified Information or Aggregate Consumer Information to these types of companies and other third parties, we may receive payments or other monetary or valuable consideration.  


4. How We Collect Your Personal Information


We may collect your Personal Information in a variety of ways, such as by: 

(a) automatically pulling data from your browser or device, such as your computer or smartphone, by embedding computer code or data files to track your activity or geolocation, by other tracking means or methods described in our Cookie Policy; 

(b) receiving information you have provided to us via phone, text, email, electronic message, online form submission or other communications, including when you place orders; 

(c) receiving information from our Associates who have shared with us, the information you have made available, including health care providers and health plans permitted to disclose this information to us; 

(d) communicating with you in-person; and

(e) photographing or video recording you when you visit any brick-and-mortar facilities of our Infrastructure.  


5. The Categories of Your Personal Information We May Collect


The following table lists the categories of your Personal Information that we may collect for our business purposes:   


Categories of Personal Information

Examples of Personal Information

Identifiers 

(if you chose to provide them)

Your name, unique personal identifier, Internet Protocol (IP) address, date of birth, email address, account name, social security number, driver’s license number, state identification card number, passport number, signature, physical characteristics or description, address, telephone number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, and any other of your financial information, medical information, or health insurance information. 

Characteristics of Protected Classes 

(if you chose to provide them)

Your race, color, national origin, religion, gender (including pregnancy), disability, age and citizenship status. 

Biometric Information 

(if you chose to provide it)

Photos, videos and images of you, including your face, eyes, fingerprints and voice. 

Network Activity and Device Information 

Your device, browser, internet or other electronic network activity information, including browsing history, search history, information regarding your interaction with an internet website, application, or advertisement, network routing information (where you came from), date/time stamps, clickstream information (when a webpage was visited and how much time was spent on the webpage), device information, browser type, Internet Protocol (IP) address (which may identify your general geographic location), referring/exit webpages, and number of visitors, views, and interactions. 

Geolocation Data 

(if you chose to provide it)

Your general geographic location and your Internet Protocol (IP) address, which may identify your general geographic location. 

Audio and Visual Information 

(if you chose to provide it)

Your audio, electronic, visual, thermal, olfactory, or similar information, including voices, sounds, photos and videos of you. 

Professional Information 

(if you chose to provide it)

Your professional or employment-related information. 

Inferred Profile Information

Inferences drawn from any of the information described in this table to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.

Health Information

(if you chose to provide it)

Your health information, including medical records and health insurance information.  See our HIPAA Notice of Privacy Practices.

Financial Information

(if you chose to provide it)

Your financial information, including credit card information, bank account information, and information related to your other payment sources. 



6. The Categories of the Sources of Your Personal Information


We may obtain your Personal Information from the following categories of sources: 


Categories of Sources

Description

You

We may collect the content, communications and Personal Information you send or provide when you use our products, services or Infrastructure.  

Your Devices

We may pull your Personal Information from your devices and browsers through tracking methods and by placing cookies as described in our Cookie Policy.  

Other People

We may receive your Personal Information from people who use our products or services.

Our Associates

We may receive your Personal Information from our Associates, including your physicians and health insurers



7. Our Purposes for Using Your Personal Information


7.1 We may collect, use, keep and share your Personal Information if doing so is necessary for us or our Associates to conduct any of the following activities (“Necessary Purposes”): 


Necessary Purposes

Description

Your Transaction

This includes completing the transaction for which your Personal Information was collected, provide a good or service that is requested by you or is reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between us and you, including processing your prescription and other over-the-counter purchases and any applicable discounts. 

Security

This includes detecting security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity. 

Repairs

This includes debugging to identify and repair errors that impair existing intended functionality. 

Free Speech

This includes exercising free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law. 

Research In The Public Interest

This includes engaging in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of your Personal Information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent. 

Internal Uses as You Expect

This includes enabling solely internal uses that are reasonably aligned with your expectations based on your relationship with us.

Complying with Law

This includes complying with a legal obligation. 

Internal Uses in Context 

This includes otherwise using your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the Personal Information. 



7.2 We may use, keep and share your Personal Information for the following additional purposes: 


Additional Purposes

Description

Marketing Activities

This includes planning and performing the marketing activities for our products, services and Infrastructure. 

Product/Service Improvement

This includes evaluating, improving, researching and developing our products, services and Infrastructure. 

Personalizing

This includes personalizing our products, services and Infrastructure for you, such as by displaying advertisements that align with your unique interests. 

Notifying You

(until you opt-out)

This includes notifying you about new releases, alerts, updates, prices, terms, offers, or developments regarding our products or services. 

Your Testimonials

(with your consent)

This includes posting testimonials in our Infrastructure if you have given us authorization for the testimonials. 

Tell a Friend

(with your approval)

This includes contacting your friend for any referral or “tell a friend” feature that you have approved. 

Safety

This includes protecting, as we determine necessary or appropriate, the health, safety, security or privacy of our employees, agents, visitors and Infrastructure. 

Corporate Transactions

This includes transferring or supplying a copy of your Personal Information to a third party that acquires any portion of our business, assets, stock or equity in connection with a reorganization, merger, sale, joint venture, contractual assignment, transfer or other transaction, including any bankruptcy or similar proceeding. 

Complying with Authorities 

This includes acting, as we determine appropriate, to: (a) comply with applicable laws, including laws outside your country of residence; and (b) respond to requests from law enforcement authorities and public and government authorities, including those authorities outside your country of residence. 

Enforcing Our Rights

This includes enforcing our rights under the Terms of Use and agreements with you, including pursuing available remedies and limiting the damages that we may sustain. 

Other Business Purposes

This includes our other business purposes.  



8. The Categories of Third Parties Who May Receive Your Personal Information


8.1 We may disclose your Personal Information to the following categories of third parties:  


Categories of Sources

Description

Connected People and Businesses

This includes people and businesses that own or operate apps, websites, products and services that are connected to our products, services or Infrastructure.  

Associates

This includes our Associates involved with our business purposes.  

Law Enforcement Agencies

This includes law enforcement agencies concerning activity that that we reasonably, and in good faith, believe may violate federal, state, or local law.  

Others Permitted by Applicable Law

This includes other third parties permitted to receive your Personal Information in accordance with the applicable laws.  



8.2 Based on your voluntary conduct, third parties may receive your Personal Information, such as: 

(a) people and businesses to whom you share your Personal Information; and 

(b) people and businesses who receive your Personal Information from those who originally received it from you.  


9. Privacy Policies of Third Parties


Our Infrastructure may provide links to or the ability for you to connect with resources owned or controlled by third parties, such as third party websites, services, social networks and mobile applications.  Some of these resources may be integrated into our products, services or Infrastructure.  Clicking on these resources or enabling these connections may enable the applicable third party to collect or share your Personal Information.  These third party resources are beyond our control.  We encourage you to check the privacy policies of these third party resources before providing your Personal Information to them.  


10. How to Control Your Preferences


10.1 Opt-Out Settings.  We may enable you to opt-out of, decline or disable certain features that involve the use of your Personal Information.  For example, we may enable you to select a setting to opt out of marketing emails and messages by modifying your user profile or using our unsubscribe link.  


10.2 Cookie Settings.  You may disable certain cookies as described in our Cookie Policy.  However, your election to disable cookies may degrade the functionality of our products, services and Infrastructure.  


10.3 Blocking of Advertisements.  Your browser may enable you to block advertisements.  However, doing so may degrade the functionality of our products, services and Infrastructure.    


11. Specific Privacy Laws


11.1 Health Privacy Laws


We may enter into a contract with you (or engage in a transaction with you) that involves your health or medical services.  In accordance with this contract, you may provide us with Personal Information that includes your health information.  Your health information may be protected under applicable laws, such as the Health Information Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH).  These laws may provide certain provisions regarding such contract, the handling of your health information, your rights, and the procedures we must follow.  These laws may require that we give you certain health privacy notices beyond the notices in this Policy.  We will comply with these laws.  Please refer to our HIPAA Notice of Privacy Practices.


11.2 Financial Privacy Laws 


We may enter into a contract with you (or engage in a transaction with you) that involves our receipt of Personal Information that includes your financial information.  Your financial information may be protected under applicable laws, such as the Privacy of the Gramm–Leach–Bliley Act (Public Law No. 106-102) and the Privacy Regulations and related implementing regulations, and the standards for safeguarding customer information set forth in 12 CFR Part 364 and 16 CFR Part 314.  These laws may provide certain provisions regarding such contract, the handling of your financial information, your rights, and the procedures we must follow.  These laws may require that we give you certain financial privacy notices beyond the notices in this Policy.  We will comply with these laws.  


12. How to Request Opt-Outs, Corrections, Deletions and Copies


12.1 You may have the ability to update your account profile and related Personal Information by logging in to your user account and following the prompts to update your profile.  


12.2 Also, you may provide us with a request to: (a) obtain a copy of your Personal Information in our possession; (b) correct or delete any such Personal Information; or (c) change how we collect or use your Personal Information.  In your request, please make clear the specific pieces of Personal Information you would like to have changed or deleted from our databases.  To submit a request under this Section, state “Legal Matter” in the subject line of your request, and sent your request through our contact page or by writing or emailing us at the following address:  


MEDS 

Legal Department

1104 2nd Ave, New York, NY 10022

Email Address: info@medsrx.com


Our HIPAA Notice of Privacy Practices describes how you may update or amend your PHI.


12.3 For security purposes, we may require identity verification before processing your request.  


12.4 We will respond to your request within a reasonable timeframe and in accordance within the requirements, frequency and timing specified by the applicable laws.  We may decline part or all of your request as permitted by the applicable laws.  For example, we may decline to delete your Personal Information if the applicable laws permit us to retain it for Necessary Purposes or other business purposes.  In such cases, we will let you know the reason for the decline.  


13. How Long We May Keep Your Personal Information


13.1 We may retain your Personal Information until we no longer have Necessary Purposes or other business purposes to keep your Personal Information (“Retention Period”).  


13.2 At the end of the Retention Period or when you delete your user account, whichever comes first, we may permanently destroy, erase, delete, encrypt or disable access to your Personal Information in a manner designed to ensure that it cannot be reconstructed or read.  You will not be able to recover such Personal Information later.  


14. Security of Your Personal Information


The security of your Personal Information is very important to us.  Directly or through our Associates, we use physical, technical, and administrative safeguards designed to protect your Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction.  However, we cannot warrant the security of any Personal Information that you send us.  There is no guarantee that your Personal Information will not be unlawfully accessed or destroyed by a hacking incident, cyberattack or other breach of our physical, technical or administrative safeguards.  


15. Policy Updates


We may update this Policy from time to time.  The date provided at the beginning of this Policy is the latest revision date of this Policy.  To request a prior version of this Policy, please contact us.   

MEDS HIPAA Notice of Privacy Practices


THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.  PLEASE REVIEW IT CAREFULLY.


Medications & Essentials Delivered Swiftly Inc. d/b/a MEDS ( “MEDS”) is legally required to:


  • maintain the privacy and security of your Protected Health Information;
  • provide to you this detailed Notice of our legal duties and privacy practices relating to your Protected Health Information; 
  • Notify you following a breach of your Protected Health Information; and
  • Abide by the terms of the Notice that are currently in effect.  

MEDS may use and disclose your Protected Health Information for the purposes of treatment, payment, and health care operations as described below.


For Treatment. Our staff and affiliated health care professionals may review and record information in your record about your treatment and care. We will use the information to dispense prescription medications to you.  In addition we will disclose this health information to health care professionals in order to coordinate your treatment and care.  For example, a pharmacist may consult with your physician to determine how to best treat you or with an emergency room physician who is treating you to avoid dangerous drug interactions. 


For Payment.  MEDS may use and disclose your Protected Health Information to others in order for Pharmacy to bill for your health care services and receive payment.  For example, we may contact your insurance company to determine whether it will pay for your prescription and the payment amount. We may also include your health information in our claim to your insurance company, Medicare or Medicaid in order to receive payment for services provided to you or disclose your health information to other health care providers so that they can receive payment for their services. 


For Health Care Operations.  We may use and disclose your information to others for our business operations, such as to improve the quality of our services.


MEDS may also use and disclose your Protected Health Information for other specific purposes that are required or permitted by law. These include for the purposes of: (1) Promoting public health and safety (e.g; preventing disease, adverse reactions to medications, reporting suspected abuse); (2) complying with the law (e.g.; if state or federal law requires it); (3) assisting coroners, medical examiners, funeral directors, organ procurement agencies (e.g.; assisting in autopsies or organ donations); (4) complying with government requests (e.g.; for workers compensation claims, law enforcement purposes, health oversight agencies); and (5) sharing information with vendors and agents who create, receive, maintain or transmit PHI for certain functions or activities on behalf of the Pharmacy.  


Authorization.  MEDS may use and disclose your Protected Health Information for purposes other than as described in this Notice or required by law only with your written authorization.  You may revoke your authorization to use or disclose Protected Health Information in writing at any time.


Rights.  You have certain rights concerning the use and disclosure of your Protected Health Information.  The law describes them in more detail, but generally they are:


  • The right to request restrictions on certain uses and disclosures of your Protected Health Information (although we do not have to agree with them).
  • The right to request confidential communications (such as designating a certain telephone number or email address) if your request is reasonable.
  • The right to inspect or obtain an electronic or paper copy of your Protected Health Information.  We may charge a reasonable, cost-based fee.
  • The right to amend your Protected Health Information under limited circumstances specified by law. 
  • The right to receive an accounting of disclosures of Protected Health Information for six years prior to the date you ask for all disclosures except those made for purposes of treatment, payment or health care operations. 
  • The right to receive a paper copy of this Notice at any time.
  • If you have designated someone as your Health Care Proxy or if someone is your legal guardian or surrogate, that person can exercise your rights and make choices about your health information, if the person has the required authority.

Complaints.  You may complain if you feel we have violated your rights by contacting us using the contact information listed in this Notice. You may also file a complaint with the Secretary of the United States Department of Health and Human if you believe your privacy rights have been violated.  We will not retaliate against you for filing a complaint.


Amendments:  We reserve the right to amend this Notice and to make the new Notice provisions effective for all of your Protected Health Information maintained by us.


Effective Date of this Notice:  This Notice to you will be effective on the date you click the button or selector that accompanies this Notice or the online document that includes a link to this Notice. 


Contact Information:  For more information about MEDS’ privacy practices, please contact the Privacy Officer at (212) 371-6000.