Privacy Policy

Last Updated: January 16, 2024
Thank you for using MedsChat.com. This page explains what, how, and why we collect information when you use our services. Please know that we are committed to safeguarding your privacy. Therefore, this policy details how we treat your Personal Information as well as the choices available to you regarding the use of, your access to, and how to update and correct such information.

Overview


This privacy statement applies to services provided through our website www.medschat.com which is owned and operated by Limelight Innovations L.L.C., a State of Colorado limited liability company. We operate an online community which allows individuals to discuss drug related topics with one another.

Policy Changes


We may update this Privacy Policy from time to time. Laws, regulations, and industry standards evolve, which may make those changes necessary, or we may make changes to our services or business. We will post the changes to this page and encourage you to review our Privacy Policy to stay informed. If we make changes that materially alter your privacy rights, we will provide additional notice, such as via email or through a notice on our website.

Contacting Us


If you have any questions or comments, or if you have a concern about the way in which we have handled any privacy matter please use our contact form or email us at [email protected] to get in touch. You may also reach us via postal mail at:

MedsChat.com
9878 W Belleview Ave #5000
Denver, CO 80123
USA

Data Collection


We collect information about our users in a variety of ways, some of which is automatic. When we collect information automatically, it is used to help us measure, optimize, and secure our website. Other Personal Information collected from users (such as an Email Address) is voluntary (opt-in) on their part. MedsChat.com is the sole owner (controller) of data which we collect from our users and it is only shared with Service Providers (processors) as outlined in this privacy statement or as required by law. Specifics of our data collection practices are further outlined below:

Automatically Collected Data


We collect and store certain information inside log files and cookies automatically. This helps us to track high level statistics about our visitors, how our site is most used, and it helps us to secure our website. Furthermore, this allows us to ensure that we are providing the best possible service and to tailor content to users more appropriately. At a high level we record how you arrived here, what pages you view within our site, and some basic information about your computer and location. Please note that this information does not tell us who you are. It simply shows us that somebody visited our site.

Statistics which we track:
Statistics may be collected by third parties through cookies and other tracking technologies (such as clear images and scripts) when you use our site. This includes services such as AddThis, Google Analytics, and our Advertising Partners. These companies may track the same data as what we have described above using their own servers and they maintain their own privacy policies which are separate from ours. We may also collect and share hashed or anonymized user data with third parties.

Google Analytics


We use Google Analytics to measure visits to our website and when an email which we send is opened. This includes a unique ID stored in the form of a cookie inside your browser so that the Analytics service can identify new vs repeat visitors and provide us with aggregate data as outlined above. Please note, however, that our Google Analytics settings block the transmission of your full IP address or any other Personal Information (using their IP Anonymization method). Furthermore, we have disabled Advertising Features in our Analytics account for added privacy. Lastly, we reviewed and accepted their Data Processing Amendment for the General Data Protection Regulation on 5 April, 2018. If you wish to completely opt out of Google Analytics tracking, please visit: https://tools.google.com/dlpage/gaoptout.

Because we employ multiple Google technologies (such as Analytics and Ads) you may also be interested in their page "How Google uses data when you use our partners' sites or apps"
https://policies.google.com/privacy/partners?hl=en

Personal Information


In using our service you may choose to provide us with your Email Address. This is collected and processed if you: Choose to receive notifications from one or more Discussion Threads; Subscribe to our Health Newsletter; Email yourself a Prescription Discount Card; Share a page from our site via the "Email a Friend" form; Send us a message via our Contact form or through your email account. This information is collected on a voluntary (opt-in) basis and is not required for you to view pages on our site. We expressly prohibit the posting of any Personal Information in our discussion threads (such as an individual's full name, address, telephone number, or email address). Such information will be promptly removed by our moderators once discovered.

Please note that your Email Address is not shared outside of our organization, support staff, and our Email Service Providers (see the Service Providers section for more details). As part of our internal security, we may tie your Email Address to the statistics which we automatically collect above.

If you share a page from our website via the "Email a Friend" form, we will also collect and process your friend's Email Address. We only use this information to transmit the email message for sharing content from our website on your behalf. Your friend's Email Address is never stored on our servers, but a copy of the outgoing email message (including the sender and recipient's Email Address) is retained by our Email Service Provider for up to 30 days. This is so that we can track and diagnose any issues which arise with our outgoing email.

Reporting or Voting for a Post


If you choose to Vote on the helpfulness of a reply or Report a specific message inside our forums to us, we will store the IP address associated with the corresponding action. This is to identify usage patterns for preventing abuse to our service. We may also tie your IP address to other data which we collect from you as listed above.

Social Sharing


When you choose to bookmark and share pages from our website using the buttons which we provide, you may be routed through the AddThis service and onto one or more social networks. Please note that AddThis and the target social network (as outside services) maintain their own privacy policies which govern the collection and use of the information collected on those sites.

Prescription Discount Card


We offer a branded Prescription Discount Card / Rx Savings Voucher to patients located inside the United States. When an individual uses it to claim a savings on their prescription from the pharmacy, the process is handled by third parties (which may include the dispensing pharmacy and benefit managers DataRx or RxCut) who maintain privacy and data collection practices which are separate from ours. We are provided with reports containing the Member ID, the Date that a prescription was filled, the Name & Location of the pharmacy, the specific Drug which was dispensed, and the Cost of filling the prescription (but not an individual's name, address, or social security number). This data is collected so that we may understand how the discount card is being used as well as evaluating our marketing efforts of this service. If you do not wish for this information to be known by us, please do not use our discount card.

Drug Forums


We may share the publically available content of our drug forums with third parties for them to more easily evaluate the messages on our site. This is limited to fields which are already published on our website for the public to see, with the inclusion of a message's country of origin. This does not include any personally identifiable fields which we collect such as email address, ip address, etc.


Tracking Technologies

Privacy PolicyTracking Technologies

MedsChat.com and its partners use cookies or similar technologies to analyze trends, administer the website, track users' movements around the website, and to gather demographic information about our user base as a whole. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service.

By using any of our online forms to participate in Discussion Threads, Send us a Message via our Contact form, email yourself a Prescription Savings Card, Subscribe to our Health Newsletter, or Share a page from our site via the "Email a Friend" form, your Email Address (plus your Name if it is collected) is stored in a cookie so that you do not need to reenter it the next time you visit our site. Please note that this cookie is not shared with any outside parties and is valid for a period of 90 days from when you last complete one of the actions above. If you select the option "I'm on a public or shared computer" before submitting the form, we will not store this information inside a cookie. If you wish to clear this previously stored information click here or visit our Cookie Manager.

Advertising


We work with third-party advertising companies to serve ads when you visit our website. In the course of serving such ads, these companies may use technologies such as cookies to track your visits to this and other websites in order to provide advertisements about goods and services of interest to you. The companies that generate these cookies have their own privacy policies, and we do not have access to read or write these cookies. Furthermore, such companies may link and combine user data with data from other sources. If you would like more information about this practice and opting out you can review Your Advertising Choices. Please note that this does not opt you out of being served ads altogether. You will continue to receive generic ads.

Google's DoubleClick Cookie: The DoubleClick cookie is used by Google in the ads served on the websites of its partners, such as websites displaying AdSense ads or participating in Google certified ad networks. Google's use of the DoubleClick cookie enables it and its partners to serve ads to you based on your visit to this and/or other sites on the Internet. You may opt out of the use of the DoubleClick cookie for interest-based advertising by visiting:
https://www.google.com/ads/preferences/

Service Providers

We may share your information with the following third parties who provide services on our behalf to help with business activities as described below. These companies are authorized to use your personal information only as necessary to provide these services to us.

We use MailGun as an outside service (processor) to transmit email messages on our behalf. Because of this, we must share your Email Address with them at the time of email transmission. MailGun maintains a Data Processing Agreement with their customers and they only store personal data on a temporary (as needed) basis to provide their service. For more details, please see https://www.mailgun.com/gdpr and https://www.mailgun.com/privacy-policy.

Incoming email archives for our service (such as when you send us a message directly through email) are stored in the Google Cloud Platform. You can read more about their Data Protection Commitments at https://cloud.google.com/security/gdpr/.

We employ Rackspace and Vultr cloud servers for web hosting. We have engaged in Data Protection Addendums with them as processors of our service. More details are available at https://www.rackspace.com/information/legal/dataprocessingaddendum_MC and https://www.vultr.com/legal/compliance/

We use CloudFlare as our DNS & HTTP proxy. This helps to protect our servers from denial of service attacks and unauthorized access attempts. Please note that our use of CloudFlare results in a cookie being assigned to each individual called "__cfuid". As explained on their page What does the Cloudflare cfduid cookie do?, "The __cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis... This cookie is absolutely necessary for supporting Cloudflare's security features and cannot be turned off." Subsequently, we have engaged in a separate Data Processing Addendum with them per the instructions outlined at https://www.cloudflare.com/cloudflare-customer-dpa/.

You have the right to request the correction or deletion of any personal data which is held about you. Please see the Data Requests heading below for more details.

Data Retention


We will retain and use your information as necessary for our security, to comply with our legal obligations, resolve disputes, and enforce our agreements.

Automatically Collected Data as outlined above is stored on our internal servers and corresponding backup devices for a period of 120 days before being deleted. User data tracked through Google Analytics is valid for a period of 26 months from the time of your last visit to our website (this applies to a unique cookie ID and does not include your Email or IP address). Outgoing email records sent through MailGun are stored for a period of 30 days.

In addition, we maintain a record of user data (including your IP address and Email if provided) if you: Choose to receive notifications from one or more Discussion Threads; Subscribe to our Health Newsletter; Email yourself a Prescription Discount Card; Report a Post in our discussion threads to us; Vote for the helpfulness of a reply inside our discussion threads; Share a page from our site via the "Email a Friend" form; Send us a message via our Contact form or directly through your email account. As mentioned before, this information is collected on a voluntary basis and is not required for you to view pages on our site.

You have the right to request the correction or deletion of any personal data which is held about you. Please see the Data Requests heading below for more details.

Data Transfers


MedsChat.com is responsible for the processing of personal data that it receives and subsequently transfers to third party Service Providers (as outlined in this privacy statement) acting on its behalf.

Your information, including personal pata, may be transferred to and maintained on computers located outside of your jurisdiction where the data protection laws may differ. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States.

Your consent to this privacy policy followed by your submission of such information represents your agreement to that transfer.

MedsChat.com will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place, including the security of your data and other personal information.

For the transfer of personal data to the United States, these controls include technical measures (such as encryption), and legal tools such as European Commission pre-approved Standard Contractual Clauses, and Data Processing Agreements. Therefore, such transfers comply with the Article 46 of the GDPR Regulation.

MedsChat.com commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our privacy policy should first contact MedsChat.com via our contact form.

Your Choices and Rights


You may choose to limit the personal data you provide to us, or the uses we make of those data. You may also access, correct, amend, or delete the personal data we hold about you at any time by contacting us. If we intend to use your data for a purpose not initially disclosed, we will offer you the ability to opt out before we proceed. We will also provide you with the means to withdraw your consent for the continued collection, use, and disclosure of your personal information. For more information, or to exercise these rights, please reach out via our contact form.

Unsubscribing


If you no longer wish to receive our Newsletter or other system-generated Emails, you may opt out by following the link included inside each message or by emailing us via our contact form.

Data Requests


Upon request we will let you know whether we hold any of your Personal Information. If you wish to request a copy of, or for us to update, delete, or restrict of any Personal Information which we hold or process for you, please use our contact form to reach us. We will respond to your request within ten days.

California Privacy Rights


This section provides additional details about the personal information we collect about California consumers and the rights afforded to them under the California Privacy Rights Act or "CPRA".

For more details about the personal information we have collected over the last 12 months, how we use or share it, and what your rights are, please see Data Collection and the other sections in this privacy policy.

Subject to certain limitations, the CPRA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any "sales" that may be occurring, and to not be discriminated against for exercising these rights.

California consumers may make a request pursuant to their rights under the CPRA by contacting us at [email protected] or via our contact form. We will verify your request using the information provided to us, including email address. Government identification may be required. Consumers can also designate an authorized agent to exercise these rights on their behalf.

To block our use of third-party cookies for analytics and interest based advertising (which may fall under the classification of "selling" information), please visit our do not sell page.

Policy Regarding Children


Our website is not intended for use by minors. We do not knowingly collect information from individuals under the age of eighteen. If you are a parent or guardian and believe we have collected information about your child in violation of this policy, please notify us as described under the Contacting Us heading.

Security


We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. Our servers are located in a secured facility and we employ firewalls for additional protection. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. If we discover that there has been a material breach of security which could have resulted in the unauthorized disclosure of your Personal Information, we will notify you via email within 72 hours.

If you use a discussion thread on this website, you should be aware that any personally identifiable information you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these forums.

If you have any questions about security on our website, you can send us a message via our contact form.

Links to Other Sites

Our service includes links to other websites (either directly or through advertisements) whose privacy practices may differ from those of MedsChat.com. If you submit Personal Information to any of those sites, your information is governed by their data collection practices and we are not responsible. We encourage you to carefully read the privacy statement of any website you visit. Neither party has authority to make any representations or commitments on behalf of the other.

Legal Disclosure

In certain situations, MedsChat.com may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

As a result, we reserve the right to disclose your personally identifiable information as required by law, such as to comply with a subpoena or similar legal process, and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process served on our website.

If MedsChat is involved in a merger, acquisition, or sale of all or a portion of its assets, we will post a prominent notice on this page of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.