Plain-language summary (not part of this Policy): This Policy explains how RxPlain handles information collected through our website, rxplain.com. We use it to respond to inquiries, run our business, market to organizations, improve the site, and meet legal obligations. We do not sell personal information. The site is not for protected health information — any PHI we handle for customers is governed by separate agreements, not this Policy.

1. Scope of This Policy

This Privacy Policy (“Policy”) describes how [LEGAL ENTITY NAME], doing business as RxPlain (“RxPlain,” “we,” “us,” or “our”), collects, uses, discloses, and protects information in connection with our website at www.rxplain.com and related pages that link to this Policy (collectively, the “Site”). It applies to visitors to the Site and to business contacts with whom we communicate for sales and marketing purposes.

This Policy does not apply to information that RxPlain processes on behalf of its customers as part of delivering its products and services. That information is governed by our agreements with those customers, as described in Section 2.

2. Important Note on Health Information and HIPAA

Please do not submit protected health information (“PHI”) through the Site. The Site is an informational and marketing resource and is not intended to collect health information about you or any patient.

When RxPlain handles PHI on behalf of a healthcare customer in the course of providing its products and services, RxPlain acts as that customer’s “business associate” under the Health Insurance Portability and Accountability Act (“HIPAA”), and that handling is governed by a separate Business Associate Agreement and the applicable customer agreement — not by this Policy. Information collected through the Site (such as a name, work email, and message submitted on a contact form) is business and contact information, not PHI, and is handled as described below.

3. Information We Collect

3.1 Information you provide to us

We collect information you choose to provide, for example when you submit a contact, demo, or pilot-inquiry form, subscribe to communications, or email us. This may include your name, employer or organization, job title, business email address, business phone number, and the contents of your message or inquiry.

3.2 Information collected automatically

When you use the Site, we and our service providers may automatically collect technical and usage information, including your IP address, device and browser type, operating system, referring and exit pages, pages viewed, links clicked, and the dates and times of your visits. We collect this information using cookies and similar technologies (see Section 4).

3.3 Information from third-party sources

For business-to-business sales and marketing, we may obtain business contact information (such as name, title, organization, and business email) about professionals at prospective customer organizations from third-party data providers, professional and public sources, and lead-enrichment services. We use this information to identify and contact organizations that may benefit from RxPlain.

4. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to operate the Site, remember preferences, understand usage, and support analytics and marketing. These may include strictly necessary cookies (required for the Site to function), analytics cookies (to measure traffic and performance), and marketing cookies (to understand campaign effectiveness). You can control cookies through your browser settings and, where offered, through any cookie banner on the Site. Blocking some cookies may affect how the Site works.

We currently use the following categories of providers: Squarespace, Google Analytics, HubSpot. Each provider processes information under its own privacy terms.

5. How We Use Information

  • To respond to your inquiries and provide information you request;

  • To communicate with you about RxPlain, including sales and marketing communications relevant to your organization;

  • To operate, maintain, secure, and improve the Site and our offerings;

  • To analyze usage and measure the effectiveness of our content and campaigns;

  • To detect, prevent, and respond to fraud, abuse, security, or technical issues;

  • To comply with legal obligations and enforce our terms and agreements; and

  • For any other purpose disclosed to you at the time of collection or with your consent.

6. How We Share Information

We do not sell your personal information. We may share information in the following circumstances:

  • Service providers. With vendors who perform services for us — such as website hosting, form processing, analytics, email and marketing platforms, and customer-relationship management — who are permitted to use the information only to provide those services to us;

  • Professional advisors. With our attorneys, accountants, auditors, and similar advisors as needed;

  • Business transfers. In connection with a merger, acquisition, financing, or sale of assets, or during diligence for such a transaction;

  • Legal and safety. When we believe disclosure is necessary to comply with law or legal process, to enforce our agreements, or to protect the rights, property, or safety of RxPlain, our users, or others; and

  • With your direction or consent. When you ask us to share information or otherwise consent.

7. Data Retention

We retain personal information for as long as needed to fulfill the purposes described in this Policy, to maintain business records, and to comply with our legal obligations, after which we delete or de-identify it. Retention periods vary based on the type of information and the purpose for which it was collected.

8. Security

We maintain reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, alteration, and destruction. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

9. Your Choices

  • Marketing communications. You may opt out of marketing emails by using the unsubscribe link in any such message or by contacting us. We may still send you non-promotional messages about our relationship with you.

  • Cookies. You can manage cookies through your browser and any cookie controls offered on the Site.

  • Access and updates. You may request to access, correct, or delete personal information we hold about you, subject to the rights described in Section 10 and applicable law.

10. Your Privacy Rights (U.S. State Laws)

Depending on where you live, you may have rights under state privacy laws. Where applicable, these may include the right to know or access the personal information we have collected about you, the right to correct inaccuracies, the right to delete personal information, the right to opt out of the “sale” or “sharing” of personal information or targeted advertising, and the right not to be discriminated against for exercising your rights.

10.1 California

If you are a California resident, the California Consumer Privacy Act, as amended (“CCPA/CPRA”), provides the rights described above. We do not sell or share personal information as those terms are defined under the CCPA. The categories of personal information we collect, the sources, business purposes, and recipients are described in Sections 3 through 6. California’s Confidentiality of Medical Information Act (“CMIA”) may also apply to certain medical information; as noted above, the Site is not intended to collect such information.

10.2 Consumer Health Data (Washington and similar laws)

Some states, including under Washington’s My Health My Data Act and similar laws, provide specific protections for “consumer health data.” The Site is not designed to collect consumer health data. If any such data is collected, we will handle it in accordance with applicable law and will obtain consent where required.

10.3 How to exercise your rights

To exercise any of these rights, contact us or using the details in Section 14. We will verify your request as required by law and respond within the timeframe the law allows. You may use an authorized agent where permitted. If we deny your request, you may appeal by contacting us at the same address.

11. Children’s Privacy

The Site is intended for a business and professional audience and is not directed to children. We do not knowingly collect personal information from children under the age of 16 through the Site. If you believe a child has provided us personal information, please contact us so we can delete it.

12. Do Not Track and International Users

Some browsers offer a “Do Not Track” signal. Because there is no common industry standard for responding to these signals, the Site does not currently respond to them. The Site is operated in the United States and intended for users in the United States. If you access the Site from outside the United States, you understand that your information will be processed in the United States, where data-protection laws may differ from those in your location.

13. Third-Party Links

The Site may link to third-party websites and services that we do not control. This Policy does not apply to those sites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party sites you visit.

14. Changes to This Policy

We may update this Policy from time to time. When we do, we will revise the “Last Updated” date above and post the revised Policy on the Site. Material changes will be effective upon posting or as otherwise stated. Your continued use of the Site after the revised Policy takes effect constitutes your acceptance of it.

15. Contact Us

If you have questions about this Policy or our privacy practices, or to exercise your rights, contact us