Guardian Pharmacy Privacy Policy

Guardian Pharmacy, LLC dba Guardian Pharmacy Services (“Guardian Pharmacy”) is committed to responsible information management practices. As a part of that commitment, this Guardian Pharmacy Privacy Policy (“Privacy Policy”) is an effort to provide users of our websites (regular and mobile), including at https://guardianpharmacy.com and the related websites, https://guardianhub.com, and https://secure.guardiannote.com (the “Websites” or this “Website”), together with their mobile apps and/or platforms (“App” or “Apps”), the Apps and Websites as may be amended or added from time to time, collectively referred to herein as the (“Services”), with a clear understanding of how we collect information, how we use the information we collect, with whom we disclose such information, and the steps we take to secure the information we collect.

By using our Services, you consent to the collection, use and sharing of your information by Guardian Pharmacy in accordance with this Privacy Policy.

It is important for users of our Services to read the Privacy Policy carefully. The Privacy Policy may change over time in coordination with new or different services that we may provide in the future, or for other unforeseeable reasons. We have provided an “effective date” and a last updated so that users of the Services can be aware of the Privacy Policy in effect at all times. We encourage all users to occasionally refer to this Privacy Policy so that they can remain aware of our current practices.

What Does This Privacy Policy Apply To?

This Privacy Policy describes our privacy practices for information that we collect:

  • through the Services;
  • when you use, purchase, obtain or consider our Services, including when you remit payment via the Services;
    when you communicate with us in any way including by calling or emailing us, participating in an online chat, connecting with us on social media, post to our social media pages and/or tagging us in your social media posts (collectively, “Communications”); and
  • when you engage with a care provider (e.g., doctor or pharmacist) through our Services, including responding to prescription requests, filling prescriptions and otherwise communicating about your medical records or prescription requests,
  • Information necessary to permit you to access your electronic health records, including as necessary to communicate with your care team about your health records
  • when you respond to our advertisements or participate in surveys or participate in our contests or promotions (the “Participation Opportunities”).

What information is being collected?

  1. Personally Identifiable Information: This category includes information that would allow us to identify you personally. This includes contact information, such as names, addresses, e-mail addresses, IP or MAC addresses, driver’s license information, and phone numbers, as well as billing information, such as credit card numbers. For information related specifically to our collection of protected health information (“PHI”), please visit our Privacy Statement, available here: https://guardianpharmacy.com/hipaa-privacy-policy.
  2. Other Information: This category refers to information that does not directly identify a specific individual. For instance, the Services may track the total number of visitors that utilize the Services, the number of visitors to a particular page of the Services, and/or other such technical information. This data may be used to diagnose problems with the Services, gather demographic, geographic and other information that does not directly identify you to improve our services or marketing efforts, improve our services and product, and for similar purposes. We may also make Personally Identifiable Information anonymous or aggregate such anonymous data so that it becomes Other Information.

How Do We Collect Information?

  1. Voluntarily Provided Information: Guardian Pharmacy may collect information, which may include Personally Identifiable Information, voluntarily provided to us by the user. This information may be collected in coordination with a voluntary survey, information or service request, a prescription refill request, promotional contest, pay a bill or by similar voluntary methods.
  2. Passive Information Collection: Guardian Pharmacy may also collect information, which may include Personally Identifiable Information, automatically when you use the Services, including specifically when you use the Services. This information may include website “traffic” data or IP addresses (an IP address is a number automatically assigned to your computer in order to use the Internet), or other anonymous data. Information may be collected using technologies such as standard server logs, cookies, pixels, and clear GIFs or Web beacons.
  3. When You Contact Us: Personally Identifiable Information may be gathered as a result of phone calls, emails or other communications with us, including those communications on or through the Services. In the case of phone calls, some Personally Identifiable Information may be collected automatically, like a phone number.
  4. Third Party Information: Guardian Pharmacy may collect information, which may include Personally Identifiable Information, from third parties (such as your care team, doctors or pharmacists) and vendors and add it to the other information collected.

How Do We Use Personally Identifiable Information?

Information collected by the Services is used for the following purposes:

  • To provide you with the services you request, including your ability to communicate with your care team and to access your electronic medical records;
  • To address customer inquiries or issues;
  • To maintain customer accounts and dealings;
  • To process customer payments;
  • To enhance operations of our Services;
  • To provide marketing and promotional efforts, including retargeting;
  • To enforce agreements, address security hazards, prevent fraud or illegal or improper activities;
  • For administrative purposes;
  • For other legally permissible purposes.

We allow you to “opt-out” of receiving certain marketing material, as discussed in more detail below.

How Long Do We Retain Information?

We retain relevant Personally Identifiable Information related to your account and/or your business relationship with us pursuant to applicable federal and state rules and regulations and so long as retaining said Personally Identifiable Information is necessary including, but not limited to, the duration of time that you utilize the Services, the duration for which any amounts owed to Guardian Pharmacy are due by you, and a reasonable period after termination of any business relationship via signed release and/or communications between Guardian Pharmacy and You. For additional information, contact us at guardianpharmacy.ethicspoint.com or via telephone at 800-827-5477.

To What Extent Do We Disclose Your Information to Third Parties?

Guardian Pharmacy may share your information in the following situations:

  1. Service Providers: We may share your information, including Personally Identifiable Information, with third parties or affiliates to assist in our business operations (e.g., to process payments, store data, deliver information, and perform other similar functions), or to provide the services you have requested.
  2. Third Party Providers That you Request: We may share your information with your care team and/or other third parties in order to process your requests through the Services, including to pharmacists, insurance companies and doctors. Disclosure of PHI is governed by our Privacy Statement, available at https://guardianpharmacy.com/hipaa-privacy-policy.
  3. Business Transfers: We may share your information, including Personally Identifiable Information, as part, of or in connection with, a merger, acquisition, assignment, as part of debt financing, the sale of our assets, or in any similar transaction, or to the extent as may be required in the unlikely event of insolvency bankruptcy, or a receivership.

How is Personally Identifiable Information Secured?

We employ safeguards designed to help preserve our Services’ users’ security and privacy and to help prevent the misuse of any Personally Identifiable Information. These safeguards are consistent with industry standards. In addition to other procedural safeguards, we use security software (SSL, or Secure Sockets Layer, technology) and firewalls to protect your information.

Unfortunately, no data transmission over the Internet or any wireless network can be absolutely secure. As a result, while we strive to protect your Personally Identifiable Information, we can make no representations or warranties regarding the security of any data exchanged through the Services. There are potential security risks beyond our control. With this in mind, by using the Services you acknowledge that you are transmitting data through the Services at your own risk.

Third Party Websites

The Guardian Pharmacy sites may contain images of and links to third party websites (“Linked Sites“). The Linked Sites are not under the control of Guardian Pharmacy and Guardian Pharmacy is not responsible for examining or evaluating any Linked Sites, and Guardian Pharmacy does not warrant the offerings of any of these businesses or individuals or the content of the Linked Sites. Guardian Pharmacy does not assume any responsibility or liability for the actions, product, and content of all these Linked Sites and any other third parties. Guardian Pharmacy is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Guardian Pharmacy of any Linked Sites or any association with its operators, or with any of its products or services. You should carefully review their privacy statements and other conditions of use.

You should be aware that third party sites which display advertisements linking to our Services may use a “cookie” to passively collect information to tailor advertising for you. We do not have control over or access to the third-party data collected.

The data we collect from visitors to our Services may be shared with our third party vendors, such as Google or Bing, or other sites on the Internet for data analytics purposes. The privacy policies for such Linked Sites may differ from ours, and you are encouraged to review them.

Your Choices

You may opt out of receiving future promotional communications from us by following the instructions within a promotional communication you received from us. To learn more about your choices regarding receiving promotional emails or other communications, contact us at guardianpharmacy.ethicspoint.com or via telephone at 800-827-5477.

Protection of Guardian Pharmacy: You agree that we, our agents, and independent contractors, may disclose your information, including Personally Identifiable Information, to the extent that we, our agents, and independent contractors, in our sole discretion, believe doing so may be appropriate, including but not limited to when it may be legally required, necessary to comply with laws, or in response to lawful requests or legal process. We may also share such information where we believe it may limit our liability in an actual or potential lawsuit, or where otherwise necessary to protect our rights, interests and/or property (including, without limitation, to enforce our agreements), or the rights, interests and/or property of our agents, independent contractors, customers, and others. This may include release of your Personally Identifiable Information if there is an unpaid balance on your account; you hereby authorize us, our agents, or our independent contractors to refer your Personally Identifiable Information to a collection agency and the unpaid balance may be reported to a credit agency, which may damage your credit.

Opt-out: Our third-party advertising partners may collect data about your visits to the Services to help them better understand your advertising preferences, and provide you with offers they believe you will be interested in. You may opt out of receiving certain advertising tailored to you from third parties. If you would like to opt out of behavioral advertising or to learn more, please visit

http://www.aboutads.info/choices/

https://policies.google.com/technologies/ads

http://optout.networkadvertising.org/?c=1#!/.

Options you select are browser and device specific.

Cookie Usage: We and third parties may use cookies, action tags, or similar technologies on your computer to provide the Services and online services and help collect data. You may block or delete cookies and control data collection through your web browser settings. However, adjusting your browser preferences may impact your experience or use of the Services.

Children’s Privacy

We do not intentionally collect data from children under the age of 13. The Services are not directed to children under 13 and children under 13 should not use the Services. If we learn that we have inadvertently collected any such data, we will delete it as soon as possible.

Contact Us

If you have any inquiries regarding our Privacy Policy or if you have a disability and need access to our privacy policy in a different format, you may contact us at guardianpharmacy.ethicspoint.com or via telephone at 800-827-5477.

Notice to California Residents – Your California Privacy Rights

This section of the Privacy Policy applies solely to visitors, users, and others who are residents of the State of California (“consumers”). For purposes of this section of the Privacy Policy only, the terms defined in the California Consumer Privacy Act of 2018, as amended (“CCPA”) have the same meaning when used in this section of the Privacy Policy.

For example, when used in this section of the Privacy Policy only, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information does not include information exempted from scope of the CCPA (such as information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, the California Financial Information Privacy Act, or the Driver’s Privacy Protection Act of 1994) or information exempted from the CCPA’s definition of “personal information” (such as publicly available information or consumer information that is deidentified or aggregated).

Sale or Sharing of Personal Information
We do not, and will not, sell Personal Information to any third-party. We also do not, and will not, share any Personal Information with third-parties for the third-parties’ marketing purposes.

Notice of Collection of Personal Information
We collect personal information when a consumer uses, visits, participates in or otherwise accesses the Services. The following is a list of the categories of Personal Information that we collect and the business or commercial purposes for which each category will be used.

Category of Personal Information

Business or Commercial Purpose for Our Collection and Use

Any categories of personal information described in subdivision (e) of Section 1798.80

Examples: name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

  • Provide you with the Services, including to allow you to interact with your care team and access your electronic medical records Administer and process payments for our Services;
  • Complete contracts for our Services as well as any disclosures or other documents required by law;
  • Process any forms, requests, inquiries, or other information you submit to us;
  • Attend to tasks relating to your transactions with us;
  • Send you marketing communications and promotional offers, as well as periodic customer satisfaction, market research or quality assurance surveys;
  • Communicate with you;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;
  • Operate and expand our business activities; and
  • Allow you to access your online-account.

Identifiers

Examples: a real name; alias; postal address; telephone numbers; unique personal identifier; online identifier Internet Protocol Address; email address; account name, social security number, driver’s license number, passport number and other similar identifiers.

  • Provide you with Services, including to allow you to interact with your care team and access your electronic medical records;
  • Administer and process payments for our Services;
  • Complete contracts for our Services as well as any disclosures or other documents required by law;
  • Process any forms, requests, inquiries, or other information you submit to us;
  • Attend to tasks relating to your transactions with us;
  • Send you marketing communications and promotional offers, as well as periodic customer satisfaction, market research or quality assurance surveys;
  • Communicate with you;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;
  • Operate and expand our business activities; and
  • Allow you to access your online-account.

Characteristics of protected classifications under California or federal law

Examples: race, gender, ethnicity

  • Provide you with the Services, including to allow you to interact with your care team and access your electronic medical records Administer and process payments for our Services Analyze our data;
  • Identify usage trends,
  • Determine the effectiveness of our advertising and marketing campaigns.

Commercial information

Examples: records of utility usage, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies

  • Provide you with the Services, including to allow you to interact with your care team and access your electronic medical records Administer and process payments for our Services Process payments for Services;
  • Complete contracts for our Services as well as any disclosures or other documents required by law;
  • Process any applications, forms, requests, inquiries, or other information you submit to us;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;
  • Data analysis, audits, security and fraud monitoring and prevention;

Internet or other electronic network activity information

Examples: browsing history; search history; and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.

  • Customize the content or functionality of Services to your preferences
  • Present offers tailored to your interests
  • Tailor the marketing communications and promotional offers we send to you;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;
  • Assist us with enhancing, improving or modifying our Services,
  • Diagnose server problems;
  • Administer our Services online;
  • Identify usage trends,
  • Determine the effectiveness of our advertising and marketing campaigns;

Geolocation data:

Examples: the geographic location (latitude and longitude) of an Internet-connected device such as a cell phone, tablet or computer or any other device connected to the internet and used to access our Services.

  • Customize the content or functionality of the Services to your preferences;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;
  • Assist us with enhancing, improving or modifying our Services,
  • Administer our Services online;
  • Identify usage trends,
  • Determine the effectiveness of our advertising and marketing campaigns;

Collection, Use, and Disclosure of Personal Information in the Past 12 Months

We do not and will not, sell Personal Information to third-parties. The below chart lists the categories of Personal Information that we have collected about consumers, the categories of sources from which that information was collected, the business or commercial purposes for which the information was collected and the categories of third-parties with whom we shared the information. All information below is for the 12 months preceding the Last Updated date below.

Category of Personal Information

Categories of Sources of Information

Business/Commercial Purposes for Collection

Categories of Third-Parties With Whom Information Was Shared

Any categories of personal information described in subdivision (e) of Section 1798.80

Examples: name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Consumers

  • Provide you with Services;
  • Administer and process payments for our Services;
  • Complete contracts for our Services as well as any disclosures or other documents required by law;
  • Process any forms, requests, inquiries, or other information you submit to us;
  • Attend to tasks relating to your transactions with us;
  • Send you marketing communications and promotional offers, as well as periodic customer satisfaction, market research or quality assurance surveys;
  • Communicate with you;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;
  • Operate and expand our business activities; and
  • Allow you to access your online-account.

Payment Processing Companies

Collections Agencies

Digital Advertising Providers

Reputation Management Companies

Collections Agencies

Advertising Networks and Platforms (e.g., Facebook, LinkedIn, Instagram and/or Google)

Payment Processing Companies

Affiliates

Third Parties vendors

Personal Identifiers

Examples: real name; alias; postal address; telephone numbers; unique personal identifier; online identifier Internet Protocol Address; email address; account name, social security number, driver’s license number, passport number and other similar identifiers.

Consumers

  • Provide you with the Services, including to allow you to interact with your care team and access your electronic medical records Administer and process payments for our Services Administer and process payments for our Services;
  • Complete contracts for our Services as well as any disclosures or other documents required by law;
  • Process any forms, requests, inquiries, or other information you submit to us;
  • Attend to tasks relating to your transactions with us;
  • Send you marketing communications and promotional offers, as well as periodic customer satisfaction, market research or quality assurance surveys;
  • Communicate with you;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;
  • Operate and expand our business activities; and
  • Allow you to access your online-account.

Collections Agencies

Advertising Networks and Platforms (e.g., Facebook, LinkedIn, Instagram and/or Google)

Payment Processing Companies

Affiliates

Third Parties vendors

Characteristics of Protected classifications under California or federal law

Examples: race, gender, ethnicity

Data Analytics Providers

  • Analyze our data;
  • Identify usage trends,
  • Determine the effectiveness of our advertising and marketing campaigns.

Collections Agencies

Advertising Networks and Platforms (e.g., Facebook, LinkedIn, Instagram and/or Google)

Payment Processing Companies

Affiliates

Third Parties vendors

Commercial information

Examples: records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies

Consumers

  • Provide you with Services;
  • Process payments for Services;
  • Complete contracts for our Services as well as any disclosures or other documents required by law;
  • Process any applications, forms, requests, inquiries, or other information you submit to us;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;

Collections Agencies

Payment Processing Companies

Internet or other electronic network activity information

Examples: browsing history; search history; and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.

Collection Technology

  • Customize the content or functionality of Services to your preferences
  • Present offers tailored to your interests
  • Tailor the marketing communications and promotional offers we send to you;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;
  • Assist us with enhancing, improving or modifying our Services,
  • Diagnose server problems;
  • Administer our Services online;
  • Identify usage trends,
  • Determine the effectiveness of our advertising and marketing campaigns;

Data Analytics Providers

Internet Service Providers

Advertising Networks

Collections Agencies

Advertising Networks and Platforms (e.g., Facebook, LinkedIn, Instagram and/or Google)

Payment Processing Companies

Affiliates

Third Parties vendors

Geolocation data:

Examples: the geographic location ((latitude and longitude) of an Internet-connected device such as a cell phone, tablet or computer or any other device connected to the internet and used to access our Services.

Collection Technology

  • Customize the content or functionality of Services to your preferences;
  • Analyze our data;
  • Conduct audits, security and fraud monitoring and prevention;
  • Assist us with enhancing, improving or modifying our Services,
  • Administer our Services online;
  • Identify usage trends,
  • Determine the effectiveness of our advertising and marketing campaigns;

Internet Service Providers

Law enforcement, as required by law

Right to Know About Personal Information Collected, Disclosed, or Sold
Consumers have the right to request that we disclose to that consumer or his or her authorized agent:

  1. The categories of Personal Information that we have collected about that consumer;
  2. The categories of sources from which the Personal Information was collected;
  3. The business or commercial purpose for collecting or selling Personal Information;
  4. The categories of third parties with whom we share Personal Information;
  5. The specific pieces of personal information we collected about that consumer.

For each of these items, the timeframe covered by Guardian Pharmacy’s response will be for the 12 months preceding the receipt of the request.

Consumers may submit a verifiable request for this information by calling 800-827-5477 or by clicking guardianpharmacy.ethicspoint.com. When submitting a Right to Know request, please state that you are making a Right to Know request and specify whether you are requesting disclosure of specific pieces of personal information about the consumer or categories of personal information or both. Please also provide the consumer’s full name, address, telephone number, email address, account number, date of last service, cost of last service, service address, and IP address(es). We will use that information to attempt to verify the consumer’s identity by comparing the information provided to the information collected and/or maintained by us. If you are an authorized agent of a consumer nor the parent/legal guardian of a minor consumer, please also provide your full name and contact information including name, address, telephone number and email address. Within 10 days of our receipt of the Right to Know request, we will provide a response that includes information about our process to verify the consumer’s identity and when the consumer or his or her agent should expect a further response.

Right to Request Deletion of Personal Information
Consumers, or their authorized agent, have the right to request that we delete any Personal Information about the consumer that we have collected or that we maintain. California consumers may submit a verifiable request for this information by calling 800-827-5477 or by clicking guardianpharmacy.ethicspoint.com. When submitting a Right to Deletion request, please state that you are making a Right to Deletion request and provide the consumer’s full name, address, telephone number, email address, account number, date of last service, cost of last service, service address, and IP address(es) so that we may attempt to verify the consumer’s identity by comparing the information you provide to the information collected and/or maintained by us. If you are an authorized agent of a consumer nor the parent/legal guardian of a minor consumer, please also provide your full name and contact information including name, address, telephone number and email address. Within 10 days of our receipt of the Right to Deletion request, we will provide a response that includes information about our process to verify the consumer’s identity and when the California consumer or his or her agent should expect a further response.

Right to Not Be Discriminated Against
Consumers have the right not to receive discriminatory treatment from us for the exercise of the privacy rights conferred by the CCPA and listed in Section 9 of this Privacy Policy. We will not discriminate against those who exercise their privacy rights. Specifically, if you exercise your privacy rights, we will not deny you goods or services, charge you different prices or rates for goods or services or provide you a different level or quality of goods or services.

Authorizing an Agent to Exercise Your Rights
Consumers have the right to designate an authorized agent to exercise the privacy rights conferred by the CCPA and listed in this Privacy Policy on their behalf. To designate an authorized agent, a consumer must either provide the agent with an executed power of attorney or provide the authorized agent with written permission to exercise the rights set forth in this section that is signed by the consumer and notarized.

Effective Date: July 18, 2022
Last Updated: July 18, 2022