Privacy Policy
Last updated: June 27, 2024
HydraMed IV LLC, and its affiliates, including HydraMed RX (collectively referred to as "HydraMed," "we," "us," or "our"), are committed to maintaining the privacy and security of your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you visit our website, www.HydraMed.com (the "Platform"), and use our services. By accessing or using our Platform, you agree to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use our services.
We may update this Privacy Policy periodically, and any changes will be posted on our website. Your continued use of the Platform after changes are posted constitutes your acceptance of those changes.
1. Introduction
HydraMed operates the Platform to provide our services. This Privacy Policy explains our practices concerning the collection, use, and disclosure of your information. By accessing or using the Platform, you agree to this Privacy Policy. If you do not agree with our policies and practices, your choice is not to use our Platform.
We may revise this Privacy Policy from time to time. If we make significant changes, we will notify you through the Platform or by other means, such as email. Continued use of our Platform after such changes will constitute your consent to those changes.
2. Personal Information
When you set up an account with HydraMed, you establish a direct customer relationship with us that enables you to access and utilize various functions of the Platform and the Service. As part of this relationship, you provide information to HydraMed, including, but not limited to, your name, email address, shipping address, phone number, and certain transactional information that we do not consider to be "protected health information" (PHI) or "medical information."
However, in using certain components of the Service, you may also provide health or medical information that may be protected under applicable laws. HydraMed is not a "covered entity" under the Health Insurance Portability and Accountability Act (HIPAA). However, one or more of the Labs, Pharmacies, or Medical Groups (as defined in our Terms of Service) may be a "covered entity" or "business associate" under HIPAA, and HydraMed may be considered a "business associate" of a Pharmacy or Medical Group. HIPAA does not necessarily apply to an entity or person simply because health information is involved, and HIPAA may not apply to your transactions or communications with HydraMed, the Medical Groups, the Providers, the Labs, or the Pharmacies.
To the extent HydraMed is deemed a "business associate," and solely in that role, HydraMed may be subject to certain provisions of HIPAA with respect to "protected health information" (PHI) that you provide to HydraMed, the Medical Group, or the Providers. Any medical or health information you provide that is subject to specific protections under applicable state laws (collectively, with PHI, "Protected Information") will be used and disclosed only in accordance with such applicable laws. Protected Information does not include information that has been de-identified in accordance with applicable laws.
The Medical Groups and Providers have adopted a Notice of Privacy Practices that describes how they use and disclose Protected Information. By accessing or using any part of the Service, you are acknowledging receipt of the Notice of Privacy Practices from your Medical Group and Provider(s).
By accessing or using any part of the Service, you agree that even if HIPAA applies to HydraMed, the Medical Groups, the Providers, the Labs, or the Pharmacies, any information that you submit to HydraMed that is not intended and used solely for the provision of diagnosis and treatment by the Medical Group and Providers, laboratory services by the Labs, or prescription fulfillment by the Pharmacies, is not considered Protected Information and will only be subject to our Privacy Policy and any applicable state laws that govern the privacy and security of such information. For clarity, information you provide to HydraMed to register and set up an account on the Platform, including name, username, email address, shipping address, and phone number, is not considered Protected Information.
Additional Medical Information Collection
We also collect certain medical information on behalf of the Medical Groups and your Providers, which may include, but is not limited to:
Health and Medical Data: Information you submit for diagnosis or treatment purposes, including information in any questionnaires or surveys you complete for these purposes.
Visit Details: Dates of visits.
Diagnostic Media: Images or videos you share for diagnosis or treatment purposes.
Provider Communications: Communications with Providers.
We may also receive information about you from our partners. For example, as part of our identity verification process, our vendor may send us information they have independently collected, such as your name, age, and estimated location. Our marketing partners may also send us information about you, even if you have not visited or registered on our site.
Biometric Information
HydraMed does not collect or create biometric information about you. However, to use some of our services, we may be required to verify your identity. If you are asked to submit proof of identity (such as a driver’s license or passport), we may share that and the selfie you shared with us with our identity verification partner, who may create biometric information about your face to verify that your selfie matches your proof of identity. Biometric information is not shared with HydraMed and is deleted by our identity verification partner after completing the identity verification. HydraMed may receive information extracted from your photos, such as information from your driver’s license and the confidence that there is a “match” between your two photos. We use this information to help verify your identity.
Collection of Information
HydraMed collects various types of information to provide and improve our services, including:
Personal Identity Information
Contact Information: We collect information such as your full name, email address, phone number, billing address, and physical address to communicate with you and provide our services.
Account Information: We collect information related to your account registration, including your login credentials, passwords, and other registration details.
Appointment Details: We collect details related to your appointments, such as date, time, location, and any optional notes you may provide (e.g., gate codes, pet information, parking instructions, other treatment requests).
Medical Information
Health Data: We collect health and medical data you submit for diagnosis or treatment purposes, including information from questionnaires or surveys.
Treatment Records: We collect information about your visits, including dates of visits, images or videos shared for diagnosis, and communications with providers.
Medical History: We collect detailed medical history, including current diagnoses (e.g., congestive heart failure, renal failure, blood clotting disorders), use of medications, and allergies.
Technical and Usage Information
Device Information: We collect technical data about your device, such as IP address, mobile device ID, browser type, operating system, connection speed, and hardware/software attributes.
Usage Data: We collect information about your interaction with our website, including pages visited, time spent on pages, clicks, and other usage metrics.
Cookies and Tracking Technologies: We use cookies, web beacons, scripts, and other tracking technologies to collect information about your browsing behavior on our website. This includes browser cookies, session cookies, persistent cookies, flash cookies, and web beacons.
Additional Information
Third-Party Information: We may receive information about you from third-party partners, such as identity verification data, marketing information, and information from social media platforms.
Location Data: We collect geolocation information from your mobile device.
Demographic Information: We collect demographic data such as gender, date of birth, medical history, and zip code.
Billing and Payment Information: We collect financial details required to process transactions, including credit card information and billing addresses.
3. Protected Health Information
When you set up an account with HydraMed, you provide personal information that we do not consider "protected health information" (PHI) or "medical information." However, when using certain components of our services, you may provide health information that may be protected under applicable laws. HydraMed is not a "covered entity" under the Health Insurance Portability and Accountability Act (HIPAA), but we may be considered a "business associate" of certain medical providers.
Use and Disclosure of Protected Health Information
HIPAA Compliance: To the extent HydraMed is deemed a "business associate" under HIPAA, we may be subject to certain provisions regarding the use and disclosure of PHI. Any medical or health information that you provide, which is subject to specific protections under applicable state laws, will be used and disclosed only in accordance with those laws.
Notice of Privacy Practices: The Medical Groups and Providers you interact with have their own Notice of Privacy Practices. By using our services, you acknowledge receipt of these notices.
4. How Information Is Collected
HydraMed collects personal and non-personal information directly from you and from third parties in several ways:
Direct Collection
Forms and Correspondence: We collect information you provide by filling out forms on our website, such as registration forms, surveys, and questionnaires. This includes medical intake forms that collect detailed medical history, allergies, and other relevant health information. Additionally, we collect information from your communications with us, including emails, phone calls, messages, and interactions through our website's live chat tool.
Transactions: We collect details of transactions carried out on our website, including payment information, order details, and any related correspondence.
Technical Interactions: We collect information through your interactions with our website, such as logging in, browsing, and using various features. This includes data such as your IP address, browser type, operating system, and other technical details.
Content Interaction: We collect information when you interact with content found on or through your computer or mobile device, including accessing, uploading, downloading, importing, or exporting content.
Third-Party Collection
Medical Providers: We collect information from Medical Groups and Providers who deliver treatment or other services to you. This includes diagnoses, treatment plans, prescription details, visit notes, and any other relevant medical information shared for the purpose of providing healthcare services.
Partners and Vendors: We collect information from third-party partners who assist with identity verification, marketing, and other services. This may include data from social media platforms, identity verification services, and marketing partners. For instance, as part of our identity verification process, our vendor may send us information they have independently collected, such as your name, age, and estimated location.
Forms from Third-Party Business Associates: We may also use forms provided by third-party business associates to collect your personal medical history, ensuring comprehensive healthcare service delivery.
Other Third-Party Sources: We may receive information about you from third parties that pay for your care or provide you with treatment, laboratory care, or prescription medication. This may include your prescription history and laboratory test results.
Cookies and Tracking Technologies
We use various tracking, data aggregation, and data analysis technologies, including:
Cookies: Small data files stored on your browser or device. Cookies help store user preferences and activity and allow our website to recognize your browser or device. Types of cookies we use include browser cookies, session cookies, and persistent cookies. Cookies may record information you access on one page to simplify subsequent interactions.
Flash Cookies: Cookies written using Adobe Flash, which may be permanently stored on your device. Flash cookies help store user preferences and activity and allow our website to recognize your browser or device. These are not managed by the same browser settings used for regular cookies.
Web Beacons: Pieces of code embedded in a website or email to monitor your activity. Web beacons can pass along information such as your IP address, the URL page you visited, the type of browser used, and previously set cookie values. They are sometimes used to collect advertising data, such as counting page views, promotion views, or advertising responses.
Scripts: Code embedded in a website to define how it behaves in response to certain user actions. Scripts can collect information about your interactions with the website, such as links clicked. Scripts are often temporarily downloaded to your computer or device from the website server, active only while connected to the website, and deactivated or deleted when you disconnect.
Analytic Tools and Services: We use third-party analytic tools and services to track, measure, and generate information about our website's traffic, sales, audience, and similar data. These tools help us conduct statistical research, market research, and content ratings research. Examples include Google Analytics and other similar services.
By collecting information through these various methods, HydraMed aims to provide a seamless, efficient, and secure user experience while ensuring the highest standards of privacy and data protection. If you choose to block, reject, disable, delete, or change the management settings for any tracking technologies, certain areas of the Platform might not function properly.
By visiting, accessing, or using our services, you acknowledge and agree that HydraMed may monitor or otherwise track your activities on our Platform using these technologies. However, HydraMed does not permit third parties or third-party cookies to access communications with Providers or medical information submitted for diagnosis and treatment purposes.
5. Use of Information
HydraMed uses the collected information for various purposes to provide and improve our services:
Service Provision and Administration
Identity Verification: Verifying your identity and confirming your location to ensure secure access to our services.
Account Management: Administering your account, processing transactions, and providing customer support.
Appointment Management: Scheduling, rescheduling, and managing your appointments, including sending reminders and notifications.
Order Management: Placing and tracking orders for products or services on your behalf.
Security Measures: Protecting or enforcing the rights and properties of others, which may include you.
Communication
Service-Related Communication: Communicating with you about your account, appointments, and any changes to our services.
Marketing and Promotions: Sending you information about HydraMed's services, offers, and promotions. You can opt out of marketing communications at any time.
Surveys and Feedback: Requesting your feedback through surveys and questionnaires to improve our services.
Provider Communication: Communicating on behalf of your Providers to facilitate medical services.
Information Dissemination: Providing you with information about HydraMed, affiliated labs, pharmacies, medical groups, Providers, and their services.
Research and Development
Service Improvement: Analyzing usage data and feedback to improve our website, services, and user experience.
New Services: Identifying and developing new products, services, and features.
User Experience: Improving user experiences with our services through analysis and research.
Traffic Analysis: Analyzing internet traffic to and through our services.
Behavior Analysis: Analyzing user behavior and activity on or through our services.
Research Activities: Conducting research for product and service development, advertising claim substantiation, and market research.
Legal and Compliance
Legal Obligations: Complying with legal and regulatory requirements, including responding to court orders and government requests.
Protection of Rights: Protecting our rights, property, and safety, as well as the rights, property, and safety of our users and others.
Monitoring: Monitoring user activities on or through our services to ensure compliance and security.
Legal Actions: Taking legal action against activities that threaten the rights, obligations, or properties of HydraMed or its users.
De-Identified Information
We may de-identify your information and use, create, and sell such de-identified information for any lawful purpose.
6. Disclosure of Information
HydraMed may disclose your information to third parties under certain circumstances:
Service Providers and Partners
Vendors: To third-party vendors who assist in providing our services, such as hosting, data analysis, IT services, customer service, and email delivery.
Medical Providers: To Medical Groups and Providers for the purpose of delivering healthcare services to you.
Business Operations: To vendors that support our business operations, such as legal, financial, and auditing services.
Legal and Regulatory
Compliance: To comply with legal requirements, court orders, and government requests.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
Protection of Rights: To protect the rights, property, and safety of HydraMed, our users, and others.
Consent
With Your Consent: We may disclose your information for any other purpose disclosed at the time you provide the information, with your consent.
We may de-identify your information and disclose such de-identified information for any lawful purpose.
7. Data Retention
HydraMed retains your information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Information may be disposed of or deleted as required by law or at our discretion.
Retention Periods
Service Provision: Information retained as long as needed to provide and improve our services.
Legal Compliance: Information retained as required by law and for resolving disputes or enforcing agreements.
Disposal of Information
We may dispose of or delete any information at any time, except as set forth in any other agreement or document executed by HydraMed or as required by law.
8. Data Security
HydraMed implements measures to protect your information from unauthorized access, use, alteration, and disclosure. However, transmission over the internet is not completely secure, and we cannot guarantee the security of your data transmitted to our website.
Security Measures
Encryption: Using encryption to protect sensitive data during transmission.
Access Controls: Implementing access controls to restrict access to your information to authorized personnel only.
Security Protocols: Regularly reviewing and updating our security protocols to safeguard your information.
Advertising Integrity: We are committed to transparency and ethical practices in our advertising. We strictly avoid obfuscating advertiser or payer identities, promoting illegal activities, or distributing malicious software. Additionally, we refrain from offering counterfeit or deceptive content, employing deceptive ad tactics, or attempting unauthorized access to user data. By adhering to these standards, we ensure a safe and trustworthy advertising environment, maintaining the integrity of our services.
User Responsibilities
Password Protection: Keeping your password confidential and not sharing it with anyone.
Security Awareness: Being aware of potential security threats and taking steps to protect your information.
Unfortunately, we cannot guarantee the security of your data transmitted to our website. Any transmission of personal data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures deployed on the Platform.
9. Limitations on Use by Minors
Our Service is generally intended for use by individuals who are at least eighteen (18) years of age or such older age as may be required by applicable state laws in the jurisdiction in which an individual utilizes the Service. Individuals who are between the ages of thirteen (13) and eighteen (18) (or such older age of majority) may use the Service only if a parent or legal guardian provides consent to such use in accordance with the requirements set forth in our Terms of Service and the Service. The Service is not designed or intended to attract, and is not directed to, children under thirteen (13) years of age.
If we obtain actual knowledge that we have collected personal information through the Platform from a person under thirteen (13) years of age, we will use reasonable efforts to refrain from further using such personal information or maintaining it in retrievable form. If you believe we might have any information directly from a child under 13, please contact us at (800) 801-8525 or through our website.
Please note that we are not required to erase or otherwise eliminate, or enable erasure or elimination of such content or information in certain circumstances, such as:
When an international, federal, state, or local law, rule, or regulation requires HydraMed to maintain the content or information.
When HydraMed maintains the content or information on behalf of your Providers as part of your electronic medical record.
When the content or information is stored on or posted to the Site by a third party other than you, including any content or information posted by you that was stored, republished, or reposted by the third party.
When HydraMed anonymizes the content or information so that you cannot be individually identified.
When you do not follow the aforementioned instructions for requesting the removal of the content or information.
When you have received compensation or other consideration for providing the content or information.
The foregoing is a description of HydraMed's voluntary practices concerning the collection of personal information through the Service from certain minors and is not intended to be an admission that HydraMed is subject to the Children’s Online Privacy Protection Act (COPPA), the Federal Trade Commission’s Children’s Online Privacy Protection Rule(s), or any similar international, federal, state, or local laws, rules, or regulations.
10. Transactions
In connection with any transaction that you conduct through the Service (e.g., the purchase or sale of any products or services on or through the Service), you may be asked to supply certain information relevant to the transaction, including, without limitation, your credit card number and expiration date, your billing address, your shipping address, your phone number, and your email address. By submitting such information, you grant HydraMed the irrevocable, unencumbered, universe-wide and perpetual right to provide such information to third parties (e.g., payment processing companies, buyers on the Service, sellers on the Service) for the purpose of facilitating the transaction.
All credit card, debit card, and other monetary transactions on or through the Service occur through an online payment processing application(s) accessible through the Service. This online payment processing application(s) is provided by HydraMed’s third-party online payment processing vendor, Electronic Merchant Systems (EMS). Additional information about EMS, its privacy policy, and its information security measures (collectively, the “EMS Policies”) can be found on the EMS website located at https://www.emscorporate.com/privacy-policy or by contacting EMS directly. Reference is made to the EMS Policies for informational purposes only and are in no way incorporated into or made a part of this Privacy Policy. HydraMed’s relationship with EMS is purely contractual in nature; EMS is a third-party vendor to HydraMed and is not subject to HydraMed’s direction or control. Therefore, their relationship should not be construed as one of fiduciaries, franchisors-franchisees, agents-principals, employers-employees, partners, joint venturers, or any other similar relationships.
Authorize.net
In addition to Electronic Merchant Systems, HydraMed also uses Authorize.net for payment processing services. Authorize.net is provided by Visa, and additional information about Authorize.net, its privacy policy, and its information security measures can be found on the Visa website located at https://usa.visa.com/legal/global-privacy-notice.html or by contacting Visa directly. Reference is made to Visa's privacy policy for informational purposes only and are in no way incorporated into or made a part of this Privacy Policy. HydraMed’s relationship with Authorize.net is purely contractual in nature; Authorize.net is a third-party vendor to HydraMed and is not subject to HydraMed’s direction or control. Therefore, their relationship should not be construed as one of fiduciaries, franchisors-franchisees, agents-principals, employers-employees, partners, joint venturers, or any other similar relationships.
11. Links to Other Websites
Our website may contain links to affiliate and other websites. HydraMed is not responsible for the privacy practices of other websites. We encourage you to be aware when you leave our website and to read the privacy statements of each website that collects personally identifiable information.
12. Do Not Track Signals
We may use automated data collection technologies to track you across websites. We currently do not honor do-not-track signals that may be sent by some browsers.
We also may use automated data collection technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they "do not track" your online activities. At this time, we do not honor such signals and we do not modify what information we collect or how we use that information based upon whether such a signal is broadcast or received by us.
13. Your Rights Regarding Your Information and Accessing and Correcting Your Information
You may have certain rights under applicable data protection laws, including the right to access and update your Personal Data, restrict how it is used, and the right to have us erase certain Personal Data about you. You also have the right to complain to a supervisory authority about our processing of your Personal Data.
Applicable Data Protection Rights
Access and Update: You can review and change your Personal Data by logging into the Platform and visiting your "Account" page. You may also notify us through the contact information provided below or through our website's Contact Us form to update or correct any inaccuracies in your Personal Data. We strive to ensure your information is complete, accurate, and current. However, we may not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
Restrict Processing: You have the right to request that we restrict the processing of your Personal Data under certain circumstances. This includes instances where you contest the accuracy of your Personal Data, if the processing is unlawful, or if we no longer need your Personal Data for processing but retain it as permitted by law.
Right to be Forgotten: You have the right to request that we delete all of your Personal Data. This can be done by requesting the deletion of your user account. We may not be able to accommodate a request to erase information if we believe the deletion would violate any law or legal requirement or cause the information to be incorrect. Additionally, some data may reside in our backups and will be retained for the duration specified in our disaster recovery policies.
Supervisory Authority: You have the right to lodge a complaint with the applicable supervisory authority in the country where you live, work, or believe your data protection rights have been violated. However, we encourage you to contact us first to address your concerns directly.
Exercising Your Rights
You may exercise any of the above rights by contacting us through any of the methods listed under Contact Information below and through our website's Contact Us form. If you contact us to exercise any of the foregoing rights, we may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements. Please note that if you make unfounded, repetitive, or excessive requests (as determined in our reasonable discretion) to access your Personal Data, you may be charged a fee subject to a maximum set by applicable law.
14. Changes to Privacy Policy
HydraMed reserves the right to update or change the terms of our Privacy Policy. We will post any changes to our website's homepage at www.HydraMed.com. If we make significant changes to the way we use your personal information, we will notify you via email. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.
15. Contact Us
For any questions or concerns regarding this Privacy Policy, please contact us at:
Email: hello @ hydramed.com
Telephone: (800) 801-8525
Mailing Address: HydraMed, 4800 Dahlia St., Denver, CO 80216
By using our website and services, you agree to the terms outlined in this Privacy Policy. If you do not agree, please refrain from using our site and services.