CareCard™ Program Privacy Policy (USA)

Last Updated: July 1, 2024

This Privacy Policy ("Policy") outlines the practices of CareCard Inc. and its affiliates (referred to collectively as "Company," "we," "us," or "our") regarding the collection, use, and disclosure of Personal Information (as defined below) gathered through our mobile applications ("Application(s)"), websites ("Site(s)"), and other interactions related to the CareCard brand, CareCard™ logo, and CareCard™ branded programs. These Applications, Sites, and CareCard Programs are collectively referred to in this Policy as the "Services."

Privacy laws and guidelines are continually evolving. We reserve the right to modify this Policy at any time at our discretion. Any changes to this Policy will become effective immediately upon being posted on the Site and Application. Significant changes will be prominently posted or otherwise communicated to you. Please review this Policy carefully.

State-Specific Privacy Rights:

If you are a resident of California, Colorado, Virginia, Connecticut, or Utah, please refer to the state-specific supplemental privacy notice section below for details that may apply to you.

This Policy does not apply to information collected from our employees, job applicants, or any program or service offering that we manage on behalf of a third party where we are not the data controller. For such third-party programs, please contact the third party directly to understand their data privacy practices.

1. Categories of Personal Information We Collect

In this Policy, "Personal Information" refers to any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual. The following categories of Personal Information may be collected:

1.1. Identifiers: Information including your first name, middle initial, last name, suffix (e.g., Jr., Sr.), date of birth, email address, postal address, phone number, account name, IP address, and unique personal identifiers.

1.2. Customer Records: Details such as telephone number, program dates, customer status, prescription and medication information, insurance information, and related records.

1.3. Protected Classifications: Details such as gender and age.

1.4. Commercial Information: Information about products or services purchased, considered, or other purchasing or consuming tendencies.

1.5. Internet Activity: Data on browsing history, search history, and interactions with the Site, Application, or advertisements.

1.6. Geolocation Data: Data determined by GPS, IP address, and device sensors, including precise location data where allowed by device and account settings.

1.7. Inferences: Inferences drawn from Personal Information to build a profile, suggest preferences, or make recommendations.

1.8. Sensitive Personal Information: Details about health, precise geolocation, and account log-in credentials.

This Policy does not cover data that is publicly available, anonymized, aggregated to protect your identity, or collected when acting as a data processor for a third-party data controller.

2. Sources of Personal Information

We collect Personal Information from the following sources:

2.1. Information You Provide Directly to Us:

This includes any Personal Information you provide when using the Site, downloading the Application, and engaging with our Services.

2.1.1. Accounts: Information provided when creating an account, populating a health profile, or using the Medicine Chest feature to store information on prescriptions and health conditions.

2.1.2. Customer Service and Contact: If you reach out to us (e.g., via email or phone), we may retain the content and responses related to your inquiry.

2.1.3. Marketing Communications: If you provide contact details, we may send you promotional communications. You may opt-out via the unsubscribe link in marketing emails or by contacting us directly.

2.1.4. Feedback: Any feedback provided will not be treated as confidential and may be used for any purpose that does not personally identify you.

2.2. Information We Collect Automatically:

We may automatically collect certain data when you use our Site or Application through cookies, web beacons, and other tracking tools.

2.2.1. Internet and Device Information: Data collected may include IP address, location, browser type, device identifiers, and data on interactions with our Site or Application.

2.2.2. Account Activity: We may collect data on how you use your online account and the Site or Application while logged in.

2.2.3. Online Technologies: These tools help us enhance security, improve user experience, personalize interactions, aid marketing, and gather usage data for our Services. You may manage certain tracking settings in your browser, although disabling these technologies could affect your experience and limit functionality on our Site or Application. Essential cookies that support basic functions cannot be disabled.

2.2.4. Google Analytics

We utilize Google Analytics to collect and process information about your use of the Services. Google sets Online Technologies on your device that will automatically send data to Google. Google uses this data to provide us with reports that we use to improve the Site's and Application's structure and content and to learn more about our user base.

We may implement additional add-on services to Google Analytics, such as Demographics and Interest Reporting. Demographics and Interest Reporting uses Online Technologies to collect data about our Site traffic by tracking users across websites and across time to provide us with analytics on our user base. To learn more about how Google uses data, you may click on this text to visit Google's Privacy Policy. You may click on this text to download the Google Analytics Opt-out Browser Add-on for each web browser you use, but this does not prevent the use of other analytics tools.

2.2.5. Ad Measurement, Conversion Tracking, and Online Behavioral Advertising

We work with third parties, such as Facebook, LiveRamp, and DoubleClick, to provide targeted advertising. These services collect data on your interactions with the Site, Application, and other websites to deliver relevant ads. The collected data may be linked to your Personal Information. These ads may appear on our Site, Application, and on other websites or be sent via email. We also use Google and other third parties for ad measurement and conversion tracking, providing insights into the effectiveness of our ad campaigns.

To change your ad preferences and learn more about third-party ad networks and online behavioral advertising, you can click on this text to access the National Advertising Initiative Consumer opt-out page or the Digital Advertising Alliance's WebChoices tool. You may also learn more about opting out of third-party Online Technologies for ad tailoring by clicking on this text to visit http://www.networkadvertising.org/managing/opt_out.asp and http://www.aboutads.info/choices. Keep in mind that opting out in one browser or network does not necessarily apply to others, and you may still see our ads.

2.2.6. ReCAPTCHA.

2.2.6. ReCAPTCHA. To prevent spam and abuse, we may employ Google's reCAPTCHA tool on our Site. Consequently, certain Personal Information may be shared with Google as outlined in Google's Privacy Policy.

2.2.7. Video Content. Our Site includes videos and embedded content, either provided by us or third parties, along with visible elements or scripts within the Site's code. Both we and these third parties may gather data on how you interact with the content. For example, if you're logged into a YouTube or Google account when visiting our Site, YouTube may collect data about your interactions, even if you don't watch a video. For additional information, see Google's Privacy Policy.

2.2.8. Google Maps. We use the Google Places API for location searches and Google Maps/Google Earth API(s) to present the results. Your use of these location services is governed by the Google Maps/Google Earth APIs Terms of Service, and you can click on this text to view Google's Privacy Policy. Google Maps helps us enhance the Site and Application for a better user experience.

If you choose to grant us permission, we may access your location while using the Application or Site. Location access can be enabled through your device's settings or by allowing the feature when prompted.

2.3. Information from Third-Party Sources

We collect Personal Information from third parties and public sources, integrating it with data we have to improve our reach, communications, and marketing. These third-party sources include:

2.3.1. Pharmacies. We obtain information regarding your prescription purchases from pharmacies in our network to administer programs, enhance communication, and support program use.

2.3.2. Clients. If an organization is providing you with our programs, we may receive Personal Information from them to facilitate enrollment.

2.3.3. Practitioners. Medical professionals or health plan providers may supply us with Personal Information to enable contact or aid with prescription compliance.

Uses of Personal Information

In addition to the uses noted throughout this Policy, we may use Personal Information as follows:

3.1. As Stated or Agreed To. We may use Personal Information for purposes specified or implied at collection, such as responding to inquiries or complying with your requests.

3.2. Administration. For administrative functions, like managing accounts, facilitating transactions, assessing applications, and understanding our user demographics.

3.3. Billing and Claims Questions. To process payments and assist pharmacies with claims questions related to our prescription discount program.

3.4. Rebate Program. We may use information to help finance our discount card program.

3.5. Site and Application Management. For troubleshooting, improving content and functionality, and customizing the user experience.

3.6. Communications and Advertising. To send promotions, notify you about new offerings, or communicate policy changes.

3.7. Protection of Rights. To safeguard our legal interests and respond to legal requests.

3.8. Feedback and User Experience. We collect user feedback through surveys to improve our offerings and may anonymize aggregated survey data for general analysis.

Disclosure of Personal Information

In addition to disclosures detailed elsewhere, we may share Personal Information with the following:

4.1. Employees and Affiliates. Authorized personnel needing the information for business purposes.

4.2. Pharmacies. For billing and claim-related questions.

4.3. Third-Party Pharmaceutical Manufacturers. For discount card program funding.

4.4. Vendors. Our vendors, agents, or partners providing support, such as marketing and IT services.

4.5. Government Officials / Law Enforcement. As required by law or advised by counsel.

4.6. Professional Advisors. Legal, financial, or business consultants in an advisory role.

4.7. Legal Proceedings and Protection of Rights. If necessary to enforce contracts or bring legal action.

4.8. Change in Ownership. In the event of a change in control, sale, or similar event.

4.9. Other Disclosures. Upon your explicit consent or for the intended purposes at the point of disclosure.

This section details additional privacy rights for residents of California, Colorado, Connecticut, Virginia, and Utah.

California Privacy Rights

Collection & Sharing: Outlines categories of Personal Information collected, sources, and sharing practices under CCPA.

California Consumer Rights: Includes rights to request access, deletion, correction, and to opt out of data sales. Non-discrimination is guaranteed for exercising these rights.

Financial Incentives: Using CareCard's services may qualify as a financial incentive.

California Do-Not-Track Requests: CareCard does not currently honor Do-Not-Track requests.

Virginia, Colorado, Connecticut, and Utah Privacy Rights

Each state provides residents rights similar to California's, such as access, correction, deletion, and data portability. Notable differences:

Colorado: Offers a bona fide loyalty program; residents can opt out of targeted advertising.

Utah: Consumers can request to opt out of Personal Data sales or sharing.

Submitting Privacy Rights Requests

Submit requests by emailing hello@carecard.com. Verification of identity is required to process these requests. Authorized agents can also submit on behalf of individuals in California, Colorado, and Connecticut.

Contact Information

Questions can be directed to hello@carecard.com or via mail to:

CareCard Inc.

6 St Johns Ln

New York, NY 10013

E-mail: hello@carecard.com

Website: carecard.com