The term “Personal Information” as used is defined as any information that identifies or can be used to identify, contact or locate the person to whom such information pertains. The Personal Information that We collect will be subject to this Policy, as amended from time to time.
Fullscript Collection and Use of Your Information
In the course of using Fullscript, We may ask users for Personal Information such as name, email address, postal address, care provider’s name, and payment information, as well as other relevant information. Health care providers will be asked to provide information specific to their practices, such as practice or clinic name, address, telephone number, and Website URL. Fullscript may also collect account registration information, including usernames, passwords, and answers to security questions. In most cases, users choose the amount of information they supply. However, some information may be required in order for Us to provide Our services to You.
Fullscript also may collect certain information that is not Personal Information when You visit many of our Web pages, such as the type of browser You are using, the type of operating system You are using, the domain name of Your Internet service provider, aggregate data about the number of visits to the Website, and/or aggregate data about the pages visited. Additionally, We also may aggregate Personal Information where that information becomes de-identified or not personally identifiable after aggregation, (“Aggregate Data”).
What We Do With Information
Fullscript uses Personal Information You provide about Yourself: (a) to process and fulfill Your order(s) for Products; (b) to respond to any of Your inquiries or questions about our Products and/or Services; (c) for internal marketing purposes; (d) to provide You with additional and updated information, materials, and other advertisements regarding Fullscript Products and/or Services; (e) to offer You other materials and/or information that Fullscript believes may be of interest to You; (f) to cooperate with government officials or parties in litigation under process of law, to prevent a crime, or as otherwise required by law; (g) to protect the security or integrity of the Website; (h) to protect against fraud, identity theft, or a threat of safety or destruction of property; (i) to protect against legal liability; (j) to create and manage user accounts; (k) to process payment; (l) to communicate with the User’s Health Professional; and/or (m) to perform data analyses and/or research (including de-identification and aggregation of Personal Information).
Fullscript will share User Product order information, including the items and quantities ordered, with the User’s Health Professional who recommended the product(s). Fullscript may employ third party unaffiliated companies to perform tasks on our behalf such as credit card processors and distributors and We may share Personal Information with such service providers. We require any company with which We share Personal Information to protect data in a manner consistent with this Policy and to limit the use of such Personal Information to the performance of services for Fullscript. Fullscript may also share Your information to provide products or services You’ve requested or when We have Your permission. Except as provided above, Fullscript does not share or sell any Personal Information to any other third parties or permit third parties to use Personal Information to market their own products or services.
Fullscript uses the information that is not Personal Information (including Aggregate Data) to (a) improve the design and content of the Website ; (b) enable Fullscript to personalize Your online experience; (c) analyze Website usage; (d) create services and/or products to fit Your needs; (e) and for other commercial purposes as determined by Fullscript. Also, Fullscript may share non-Personal Information including Aggregate Data with related entities, advertisers, partners, other third-party vendors, or any other third party. Fullscript owns such non-Personal Information including Aggregate Data and may maintain copies of such as part of Our records.
California Online Privacy Protection Act Compliance
If You are a California resident and use our Website or app, You are entitled to request certain information regarding our disclosure of certain “personal information” (as defined in California Civil Code Section 1798.83) to third parties for their direct marketing purposes. If You are a California resident and have provided us with personal information within the last year, You may make such a request by emailing us at [email protected] and typing “California Privacy Rights” in the subject line of the email. Within 30 days of receiving such a request, We will provide a list of the categories of personal information disclosed to third parties for such third parties’ direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties. A request may be made no more than once per calendar year and We are not required to respond to requests made by means other than through the email address above.
Security and No Liability
The security of Your Personal Information is important to us. When You enter Personal Information, We encrypt the transmission of that information using secure socket layer technology (SSL). Credit card details are stored encrypted using AES-256 encryption. As a level 1 PCI-DSS compliant service provider We follow all PCI-DSS requirements and implement additional generally accepted industry standards to protect the Personal Information submitted to us, both during transmission and once We receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while We strive to use commercially acceptable means to protect Your personal information, We cannot guarantee its absolute security. Except as required by law,Fullscript is not responsible for any damages or liabilities relating to any such security failures. Transmission of Personal Information is at your own risk. Our Website contains links to other Websites that do not belong to Fullscript. Fullscript is not responsible for, nor can Fullscript ensure the privacy practices or content of such other sites, and this Policy does not apply to those other Websites. If You have any questions about security on our Web site, You can email us at [email protected].
Patient/Client Data Storage for Health Professional
If you are a Patient or Consumer, You acknowledge that your use of Our service is solely through Your Health Professional and that Fullscript may share Personal Information with Your Health Professional for the purposes of facilitating the Product transaction on behalf of Your Practitioner. If You are a Health Professional, as part of the process of using Fullscript, You may obtain the email address and/or shipping address of Your patients/clients. By using Fullscript, You agree that, with respect to other users’ Personal Information that You obtain through Fullscript or through a Fullscript-related communication or Fullscript-facilitated transaction, Fullscript hereby grants to You a license to use such information only for Fullscript-related communications that are not unsolicited commercial messages. Fullscript does not permit spam. Therefore, without limiting the foregoing, You are not licensed to add the name of someone who has purchased an item from You, to Your mail list (email or physical mail) without their express consent.
Fullscript owns the data storage, databases and all rights to the Fullscript application. If you are a Health Professional, We make no claim to the rights of Your data. You retain all rights to Your data and We will not contact Your patients/clients directly, or use Your data for our own business advantage or to compete with You or market to Your clients.
Cookies and Re-marketing
Re-Marketing and Opt Out
We use a service provided by both Google and Facebook called “remarketing”. This permits us to reach people who have previously visited our site, and show them relevant advertisements when they visit other sites across the Internet in the Google Display Network and Facebook Ads platform.
Cookies can be used to track Your session on our Website, to serve customized ads from Google, Facebook, and other third party vendors. When You visit this Website, You may view advertisements posted on the site by Google or other third parties. Through first-party and third party cookies, these third parties may collect information about You while You are visiting this Website and other Websites. They may use this data to show You advertisements on this Website and across the Internet based on Your prior visits to this Website and elsewhere on the Internet. We do not collect this information or control the content of the advertisements that You will see.
You may be able to opt out of customized Google Display Network ads by visiting the Ads Preferences Manager, and the Google Analytics Opt-out Browser Add-on.
Your use of this Website without opting out means that You understand and agree to data collection to provide You with remarketing ads using Google/Faceook and cookies from other third party vendors based on Your prior visits to this Website and elsewhere on the Internet.
The Payment Card Industry Data Security Standard (PCI-DSS) is a set of security requirements managed by the PCI Security Standards Council, a joint effort of the payment brands, including Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by merchants and service providers.
How to Contact Fullscript
Healthy Web Inc.
126 York Street, Suite 300
Ottawa, Ontario, K1N 5T5
Last Modified: March 31st, 2016