Last Updated: January 18th 2025
Welcome to Refills Health, LLC ("Refills Health," "we," "us," or "our"). This Privacy Policy explains how we collect, use, share, and protect your information when you access or use: our website www.refills.com; our mobile applications, software, or related platforms; and any services, products, or content we provide (collectively, the "Platform" or "Service"). By accessing the Platform, creating an account, or using any part of the Service, you accept the practices described in this Privacy Policy. If we make changes, we will update the "Last Updated" date and post the revised version here. Capitalized terms not otherwise defined have the meanings assigned in our [Terms and Conditions].
Our Service is intended for individuals 18 years or older, or the legal minimum age in your jurisdiction. We do not knowingly collect personal information from children under 18. If we learn that we collected information from a minor, we will delete it unless otherwise required by law. We may retain information when required by law, as part of medical records maintained by Providers, if posted by third parties, if de-identified, or if associated with compensated content.
When you create an account with Refills Health, you provide information like your name, email, address, and payment information. This information is not considered "Protected Health Information" (PHI) under HIPAA. If you use our healthcare-related services (such as telehealth or pharmacy services), you may submit health or medical data that may qualify as PHI. Refills Health is not a HIPAA-covered entity. Partner Pharmacies and Medical Groups may be HIPAA-covered entities. If Refills Health acts as a business associate, we protect PHI under HIPAA rules. Summary: general account information is not PHI and is managed under this Privacy Policy. Health-related service information is PHI and protected under HIPAA and applicable state laws. We do not use PHI for marketing or advertising.
We collect information in four ways: (1) Information You Provide: name, email, phone number, shipping/billing address, account credentials (username, password), payment details, government IDs (e.g., driver's license, passport), health or medical information you provide, uploaded files, and customer service communications. (2) Information We Collect Automatically: IP address, device ID, browser type, pages visited, time spent on Platform, and location information. (3) Information We Create or Infer: general location, likely preferences, and interests. (4) Information from Third Parties: linked social media accounts, public sources, and service partners. You can decline to share information, but this may limit access to certain features.
We use cookies, mobile IDs, and web beacons to remember your preferences, authenticate and secure sessions, analyze Platform performance, and deliver targeted advertising. You can manage cookie settings via your browser or device. (See "Choice and Control" below.)
We use personal information to provide, operate, and maintain the Service; process payments and fulfill orders; improve and personalize your experience; communicate updates, promotions, and support; conduct research and performance analysis; and comply with legal obligations. We may combine data from different sources to deliver a seamless experience. We do not use PHI for marketing or advertising without your consent.
We may share information with service providers (e.g., payment processors like Stripe, shipping companies); healthcare providers and pharmacies (for care coordination); marketing and analytics partners (using non-PHI data); law enforcement or regulatory agencies (when required); and business partners (for operational support). We also use de-identified information for analytics or business purposes.
You have options to control your personal information: email/SMS communications (unsubscribe anytime); cookie management (adjust settings through your browser); Global Privacy Control (GPC) signals (respected); and the ability to access, correct, or delete information through a verified request. We will verify your identity before fulfilling certain requests.
We take reasonable steps to protect your personal information using physical, technical, and administrative safeguards. However, no online system can guarantee absolute security. You are responsible for maintaining the confidentiality of your login credentials.
We retain personal information as long as necessary to provide services, comply with legal obligations, resolve disputes, or enforce agreements. Healthcare Providers and Pharmacies may have their own data retention policies.
Payments made through our Platform are processed via Stripe. Your payment information is governed by Stripe’s Privacy Policy. Refills Health is not responsible for Stripe’s data practices.
When you use healthcare services through our Platform, your PHI may be used or disclosed for treatment, payment, healthcare operations, public health and safety, or legal needs. Your HIPAA rights include: requesting access to your PHI; requesting corrections or amendments; requesting restrictions or confidential communications; receiving notice of breaches. For full details, please review our [Notice of Privacy Practices].
If you are a California resident, you have the following rights: Right to Know — request what personal information we collect, use, or share; Right to Delete — request deletion of personal information, subject to exceptions; Right to Correct — request correction of inaccurate personal information; Right to Opt-Out of Sale or Sharing — opt out of personal information being sold or shared for advertising purposes; Right to Limit Use of Sensitive Personal Information — restrict use to necessary business purposes; and Right to Non-Discrimination — we will not retaliate against you for exercising your rights. We do not sell or share PHI. You can exercise your California rights by emailing privacy@refills.com, using available Privacy Request forms, or enabling the GPC setting in your browser. We verify your identity before completing requests.
Our services are intended for users located in the United States and are governed by U.S. law.
If you have any questions about this Privacy Policy, your privacy rights, or how we handle your information, please contact us: 📧 privacy@refills.com 🏢 1401 Pennsylvania Ave, Suite #105, Wilmington, DE 19806.