This Privacy Policy describes how Rx Contract IQ ("Company," "we," "us," or "our") collects, uses, and shares information about you when you use our platform and services.
Table of Contents
We collect information you provide when you register for an account, use our platform, or communicate with us. This includes:
When you use our platform, we automatically collect certain technical information, including:
We use the information we collect for the following purposes:
We do not sell your personal information to third parties, and we do not use your uploaded PBM proposal data for any purpose other than providing you with the requested analysis.
We may share your information in the following limited circumstances:
We require all third-party service providers to maintain appropriate security measures and to use your information only for the purposes for which it was disclosed.
We retain your personal information for as long as your account is active or as needed to provide services. You may request deletion of your account and associated data at any time by contacting us at [email protected].
Certain information may be retained for longer periods as required by law or for legitimate business purposes such as fraud prevention, dispute resolution, and enforcement of our agreements. Aggregated and anonymized data may be retained indefinitely for analytical purposes.
We implement industry-standard technical and organizational measures to protect your information against unauthorized access, disclosure, alteration, and destruction. Our security practices include AES-256 encryption at rest, TLS 1.3 in transit, role-based access controls, and regular third-party security assessments.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.
Depending on your jurisdiction, you may have the following rights regarding your personal information:
To exercise any of these rights, please contact us at [email protected]. We will respond to all requests within 30 days.
To the extent our services involve Protected Health Information (PHI) as defined under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), we operate as a Business Associate and maintain safeguards consistent with HIPAA's Privacy Rule and Security Rule. We enter into Business Associate Agreements (BAAs) with applicable customers upon request.
PHI uploaded to the platform is encrypted at rest and in transit, access is strictly role-controlled, and audit logs are maintained for all PHI access events. We do not use or disclose PHI except as permitted under applicable HIPAA provisions and as specified in our BAA.
We use cookies and similar tracking technologies to operate and improve our platform. These include:
You can control cookie preferences through your browser settings. Disabling certain cookies may affect platform functionality.
Our platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately at [email protected] and we will promptly delete such information.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by email or through a prominent notice on our platform at least 30 days before the changes take effect. Your continued use of our platform after the effective date constitutes acceptance of the updated policy.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy Team: