What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information, social security number or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form, Use Live Chat, Open a Support Ticket or enter information on our site.
Provide us with feedback on our products or services
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to better service you in responding to your customer service requests.
- To administer a contest, promotion, survey or other site feature.
- To quickly process your transactions.
- To ask for ratings and reviews of services or products
- To follow up with them after correspondence (live chat, email or phone inquiries)
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use ‘cookies’?
- Help remember and process the items in the shopping cart.
- Understand and save user’s preferences for future visits.
- Keep track of advertisements.
- Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you turn cookies off it will turn off some of the features of the site.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google AdSense Advertising on our website.
We have implemented the following:
- Remarketing with Google AdSense
- Google Display Network Impression Reporting
- Demographics and Interests Reporting
- DoubleClick Platform Integration
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Can change your personal information:
- By emailing us
- By calling us
- By logging in to your account
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email
- Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders.
- Send you additional information related to your product and/or service
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at
- Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
7612 Cantrell Road
Little Rock, Arkansas 72227
Last Edited on 2018-06-21
Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
NW, LLC., DBA Express RX including its subsidiaries, is required by law to maintain the privacy of Protected Health Information (“PHI”) and to provide you with notice of our legal duties and privacy practices with respect to PHI. PHI is information that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services. This Notice of Privacy Practices (“Notice”) describes how we may use and disclose PHI to carry out treatment, payment or health care operations and for other specified purposes that are permitted or required by law. The Notice also describes your rights with respect to your PHI. We are required to provide this notice to you by the Health Insurance Portability and Accountability Act (“HIPAA”).
NW, LLC DBA Express Rx is required to follow the terms of this notice. We will not use or disclose your PHI without your written authorization, except as described or otherwise permitted by this notice. We reserve the right to change our practices and this notice at any time or as necessary and to make the new notice effective for all PHI we maintain. Upon request, we will provide any revised notice to you.
How We Use and Disclose Protected Health Information
The following categories describe ways that we use and disclose your protected health information. We have provided you with examples in certain categories; however, not every use or disclosure in a category may be listed.
Treatment. We may use your health information to provide and coordinate the treatment, medications and services you receive. For example, we may contact you regarding medications, equipment, supplies, compliance programs such as drug recommendations, therapeutic substitution, refill reminders, other product or service recommendations such as specialty and infusion therapies, counseling and drug utilization review (DUR), product recalls or disease state management.
Payment. We may use your health information for various payment-related functions. Example: We may contact your insurer, pharmacy benefit manager or other health care payer to determine whether it will pay for your medications, equipment and supplies and the amount of your co-payment. We will bill you or a third-party payer for the cost of medications, equipment and supplies dispensed to you. The information on or accompanying the bill may include information that identifies you, as well as the medications you are taking.
Health Care Operations. We may use your health information for certain operational, administrative and quality assurance activities. Example: We may use information in your health record to monitor the performance of the staff and pharmacists providing treatment to you. This information will be used in an effort to continually improve the quality and effectiveness of the health care and service we provide. We may disclose health information to business associates if they need to receive this information to provide a service to us and will agree to abide by specific HIPAA rules relating to the protection of health information.
We may also use your health information to provide you with information about benefits available to you, and, in limited situations, about health-related products or services that may be of interest to you.
We are permitted to use or disclose your PHI in the following instances.
To Communicate with Individuals Involved in Your Care or Payment for Your Care. We may disclose to a family member, other relative, close personal friend or any other person you identify, PHI directly relevant to that person’s involvement in your care or payment related to your care.
Food and Drug Administration (FDA). We may disclose to the FDA, or persons under the jurisdiction of the FDA, PHI relative to adverse events with respect to drugs, foods, supplements, products and product defects, or post-marketing surveillance information to enable product recalls, repairs, or replacement.
Worker’s Compensation. We may disclose your PHI to the extent authorized by and to the extent necessary to comply with laws relating to worker’s compensation or other similar programs established by law.
Public Health. As required by law, we may disclose your PHI to public health or legal authorities charged with preventing or controlling disease, injury, or disability.
Law Enforcement. We may disclose your PHI for law enforcement purposes as required by law or in response to a subpoena or court order.
As Required by Law. We will disclose your PHI when required to do so by federal, state, or local law.
Health Oversight Activities. We may disclose your PHI to an oversight agency for activities authorized by law. These oversight activities include audits, investigations, inspections, and credentialing, as necessary for licensure and for the government to monitor the health care system, government programs, and compliance with civil rights laws.
Judicial and Administrative Proceedings. If you are involved in a lawsuit or a dispute, we may disclose your PHI in response to a court or administrative order. We may also disclose health information about you in response to a subpoena, discovery request, or other lawful process instituted by someone else involved in the dispute, but only if efforts have been made, either by the requesting party or us, to tell you about the request or to obtain an order protecting the information requested.
Coroners, Medical Examiners, and Funeral Directors. We may release your PHI to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or determine the cause of death. We may also disclose PHI to funeral directors consistent with applicable law to enable them to carry out their duties.
Notification. We may use or disclose your PHI to notify or assist in notifying a family member, personal representative, or another person responsible for your care, regarding your location and general condition.
Fundraising. We may contact you as part of a fundraising effort.
To Avert a Serious Threat to Health or Safety. We may use and disclose your PHI when necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person.
Military and Veterans. If you are a member of the armed forces, we may release PHI about you as required by military command authorities. We may also release PHI about foreign military personnel to the appropriate foreign military authority.
National Security, Intelligence Activities, and Protective Services for the President and Others. We may release PHI about you to federal officials for intelligence, counterintelligence, protection to the President, and other national security activities authorized by law.
Victims of Abuse or Neglect. We may disclose PHI about you to a government authority if we reasonably believe you are a victim of abuse or neglect. We will only disclose this type of information to the extent required by law, if you agree to the disclosure, or if the disclosure is allowed by law and we believe it is necessary to prevent serious harm to you or someone else.
Other Uses and Disclosures of PHI
We will obtain your written authorization before using or disclosing your PHI for purposes other than those provided for above (or as otherwise permitted or required by law). You may revoke an authorization in writing at any time. Upon receipt of the written revocation, we will stop using or disclosing your PHI, except to the extent that we have already taken action in reliance on the authorization.
Your Health Information Rights
Obtain a paper copy of the Notice upon request. You may request a copy of our current Notice at any time. You may obtain a paper copy from your pharmacy or you may request one by e-mailing firstname.lastname@example.org .
Request a restriction on certain uses and disclosures of PHI. You have the right to request additional restrictions on our use or disclosure of your PHI by sending a request to the Privacy Officer email@example.com. We are not required to abide by those restrictions. We cannot agree to restrictions on uses or disclosures that are legally required, or which are necessary to administer our business.
Inspect and obtain a copy of PHI. In most cases, you have the right to access and copy the PHI that we maintain about you. To inspect or copy your PHI, you must send an e-mail request to the Privacy Officer firstname.lastname@example.org. There may be a nominal fee for the costs related to copying, shipping and supplies that are necessary to fulfill your request. We may deny your request to inspect and copy in certain limited circumstances as outlined in HIPAA regulations.
Request an amendment of PHI. If you feel that PHI we maintain about you is incomplete or incorrect, you may request that we amend it. To request an amendment, you must send an e-mail request to the Privacy Officer email@example.com. You must include a reason that supports your request. In certain cases, we may deny your request for amendment.
Receive an accounting of disclosures of PHI. You have the right to receive an accounting of the disclosures we have made of your PHI for most purposes other than treatment, payment, or health care operations. The right to receive an accounting is subject to certain exceptions, restrictions, and limitations. To request an accounting, you must submit a request via e-mail to the Privacy Officer firstname.lastname@example.org. Your request must specify the time period.
Request communications of PHI by alternative means or at alternative locations. For instance, you may request that we contact you at a different residence or post office box. To request confidential communication of your PHI, you must submit a request in writing to the Privacy Officer email@example.com. Your request must tell us how or where you would like to be contacted. We will accommodate all reasonable requests.
Where to obtain forms for submitting written requests. You may obtain forms for submitting written requests by contacting the Privacy Officer at firstname.lastname@example.org.
Express Rx will make all reasonable efforts to avoid incidental disclosures of protected health information. You have a right to be notified following any breach of your unsecured PHI.
If you are a minor who has lawfully provided consent for treatment and you wish for Express Rx to treat you as an adult for purposes of access to and disclosure of records related to such treatment, please notify a staff member, pharmacist or the Privacy Officer.
For More Information or To Report a Problem
If you have questions or would like additional information about Express Rx’s privacy practices, you may contact our Privacy Officer at email@example.com. If you believe your privacy rights have been violated, you can file a complaint with the Privacy Officer or with the Secretary of Health and Human Services.
This Notice is effective as of June 22nd, 2013.