Privacy Policy
Effective Date: January 1, 2025
1. Information We Collect
We collect: (a) Account Information: name, email, phone, pharmacy details, NPI, DEA numbers; (b) Usage Data: login times, features used, report generation history; (c) Uploaded Data: pharmacy management system exports, inventory data, dispensing records, distributor invoices.
2. How We Use Your Information
We use your information to: (a) provide and improve the Service; (b) process transactions and send related information; (c) send technical notices, updates, and support messages; (d) respond to inquiries and provide customer service; (e) monitor and analyze usage patterns and trends.
3. Data Security
We implement industry-standard security measures including: (a) encryption of data in transit (TLS 1.3) and at rest (AES-256); (b) regular security audits and penetration testing; (c) access controls and authentication mechanisms; (d) secure cloud infrastructure with SOC 2 Type II compliance.
4. Data Retention
We retain your data for the duration of your subscription plus seven (7) years to comply with pharmacy record-keeping requirements. You may request data export or deletion subject to legal retention requirements.
5. Third-Party Services
We may share data with: (a) cloud hosting providers (AWS); (b) payment processors (Stripe); (c) analytics services (aggregated, non-identifiable data only). We do not sell your personal information or pharmacy data.
6. Your Rights
You have the right to: (a) access your personal data; (b) correct inaccurate data; (c) request data deletion (subject to legal requirements); (d) export your data in a portable format; (e) opt-out of non-essential communications.
7. HIPAA Compliance
RxAudit operates as a Business Associate under HIPAA. We maintain appropriate safeguards for Protected Health Information (PHI) and will execute a Business Associate Agreement (BAA) upon request.
8. Contact Us
For privacy-related inquiries: privacy@rxaudit.com