Product Privacy Notice
English
Spanish
English
Effective Date: July 9, 2025
At Rx Savings Solutions (“RxSS”, “McKesson”, “our”, “us”, or “we”), we value the trust that healthcare customers, patients, health plans, and employees place in us to use and protect personal information. This Privacy Notice informs you how we will use, share and protect your personal information. When you create an account with us and use our Services or provide us with personal information, you accept the privacy practices described in this Privacy Notice.
Please read this Privacy Notice in full to understand our privacy practices before you use our services or submit any personal information. The Services mean those we provide to you as a registered user via an online portal or mobile application.
Scope
This Privacy Notice applies to our use of personal information we collect when you use any of our Services (via our online portal or our mobile application) or in the ordinary course of business. These online portals /mobile applications (URLs) may include:
- https://portal.rxsavingsolutions.com
- https://auth.rxsavingsoltuions.com
- https://account.rxsavingsolutions.com
- RxSS Mobile Application
This Privacy Notice does not apply to:
- Individual health providers and practices who have separate privacy notices or Notice of Privacy Practices.
- RxSS’s affiliates and subsidiaries that may have separate websites, subdomains, and applications through other web, mobile, cloud or SaaS platforms which are not subject to this Privacy Notice.
- RxSS’s business partners, ad networks and other third parties that may have their own websites and services with separate privacy notices.
We encourage you to read the privacy notices of all websites and applications that you visit so that you understand their privacy practices.
Personal Information We Collect
When you use our Services, we may collect personal information about you. The personal information we may collect includes, but is not limited to:
- Name
- Age
- Date of birth
- Personal home address
- Personal telephone number (home & cell)
- Personal electronic mail address
- Business telephone number (office & cell)
- Business electronic mail address
- Health insurance identification or account number
- Drug names
- Medical products or equipment used
- Diagnosis code/description (condition information)
- Social security/social insurance number
- User ID and password
- Products/services used by an individual
- Geo-Location/GPS information
- IP address
- User’s browser type
- User’s operating system
- Device/user activity (such as Login-Logout info, sites/pages visited, # of visits, click stream, navigation, beacon signal hits, errors, crash rate, or other user activities)
- Communication preferences, such as text message or email notification and frequency
- Information you provide directly to us:
- When you use our Services.
- When you use offline features related to our Services, such as communicating with us by phone, e-mail, or in person.
- When you interact with us in the ordinary course of business.
Personal information may be combined with information that does not identify you. If we combine information that does not identify you with your personal information, it will be treated as personal information. We may also gather information about you from our customers, your health plan (or its management entity), pharmacy benefit managers (PBM), data banks, aggregators, other business units, affiliates, along with publicly available data that we may combine with information we already have about you.
Tracking Technologies We Use
We use various technologies to collect personal information including:
Web server logs
- As is true of most websites and applications, we gather certain information automatically and store it in log files. This information may include IP addresses, browser type, internet service provider, referring/exit pages, operating system, date/time stamp and/or clickstream data.
Cookies
- We and our subsidiaries, business partners, marketing partners, affiliates, or other vendors may use cookies. Cookies uniquely identify the device or user account.
Geo-location Services
- When you allow us to track your location, we may collect information about your location related to our Services. We use various technologies to determine location, such as sensor data from your device that may provide information from nearby Wi-Fi access points and cell towers.
Other Tracking Technologies
- We and our subsidiaries, business partners, marketing partners, affiliates, or other service providers may also use technologies such as web beacons, local storage to collect and store your information and preferences (such as HTML5), scripts, and tags.
These tracking technologies are used to:
- Analyze trends
- Collect user choices about our use of personal information
- Gather demographic information about our users as a whole
- Perform diagnostic services, such as error reporting
- Improve the site or Services
- Perform data analysis and audits
- Remember user’s settings
- Track user’s movement through our platforms
- Activate a user’s network services to connect to their product’s services or other data sources
- Run search queries in user or customer’s own information (such as database)
We may receive reports based on the use of tracking technologies on an individual and aggregated basis. If the tracking information we collect is considered individually identifiable information, the data is treated as Protected Health Information (”PHI”) under the Health Insurance Portability and Accountability Act (”HIPAA”). Use and disclosure of such data will comply with HIPAA’s Privacy and Security rule.
How We Use the Personal Information Collected
We may use the personal information we collect for purposes such as:
- Customer and troubleshooting support
- Data migration and/or installation services
- Error detection and debugging
- Auditing, monitoring, or fraud detection
- Marketing initiatives & notices
- Research activities
- Managed services
- Network or hosting services
- Service improvement and development
- Performance testing services
- Reporting or data analytics services
- Artificial intelligence
- Communications via, email, fax, mail, mobile badge notifications, or text message
- Personalized Services and customized site-content based user preferences
- Contests / Surveys, which are completely voluntary. We may use a third-party service provider to conduct these surveys or contests. Survey data may be shared with your Health Plan but will not further share the personal information you provide unless we obtain your authorization.
- We may partner with a third party to manage our advertising.Our third-party partners may use cookies and other technologies to gather information about your activities on this website and other websites to provide you advertising content based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt out via our cookie consent manager, according to the rights associated to your geo location.
- We may use your name and email address to send you our newsletter and will obtain your prior consent when required by law. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in those emails, or by contacting us using the contact information listed below.
How We Share Personal Information Collected
We may share personal information with other Mckesson affiliates or our clients, such as health plans, (or its management entity), and pharmacy benefit managers (PBM) when permitted by law and applicable agreements or authorizations have been executed. We may provide your personal information to third parties that provide services to help us with our business activities. These business activities may include fraud detection, monitoring services, payment processing services, network or hosting services, security services, marketing and advertising initiatives and shipping services. These companies are authorized to use personal information about you only as necessary to provide these services to us.
Some of our webpages may provide hyperlinks to partner sites or the ability to share information to those partners directly from our site. If you provide personal information in a partner-affiliated web form, you are providing it to our partners and not directly to us. In those circumstances, the privacy policies of those partners apply.
We may need to share information with other companies, organizations or individuals if we have a good faith belief that access, use, preservation, or disclosure of that information is reasonably necessary to:
- Meet applicable laws, regulations, legal processes, or enforceable governmental requests
- Enforce applicable Terms of Service, including investigation of potential violations
- Detect, prevent, or otherwise address fraud, security or technical issues
- Protect against harm to the rights, property or safety of our users, McKesson, or the public as required or permitted by law
- Engage in a merger, acquisition, reorganization, or sale of all or a portion of McKesson assets.
Your Choices
You can limit the personal information we have by choosing not to provide certain information. You may choose to stop receiving RxSS communications by following the unsubscribe instructions included in those communications, or by contacting us using the contact information listed below.
Access to Personal Information
You may view, edit, or delete certain elements of personal information in your account/profile settings. Other personal information provided to us by third parties (such as your health plan) and visible when you access your account with the Services but may not be removed or edited in your account/profile settings. Questions regarding access can be directed to [email protected].
Children’s Privacy
We do not knowingly collect or solicit any personal information from children, as defined under applicable law, without verified written parental consent, and we have no actual knowledge of selling such Personal Information of minors under 16 years of age. If we learn that we have collected Personal Information from a child, we will promptly take steps to delete that information. If you believe we might have any information from or about a child, please contact us at [email protected].
Retention We will retain your personal information until your health plan terminates service, as necessary to comply with our legal obligations, resolve disputes or enforce our agreements.
How We Protect Your Information
We protect the information we collect with proper physical, electronic and administrative safeguards. We only allow our employees, contractors, and agents to access personal information if they need access to perform services on our behalf. They are also subject to confidentiality obligations.
Any sensitive personal information is transmitted in an encrypted form using SSL encryption. Even though we have security safeguards, it is impossible to guarantee 100% security. If you have any questions about security or believe that your interactions with us are no longer secure (for example, you feel that your account with us has been compromised), you must notify us immediately by email at [email protected].
International Use and Cross-Border Data Transfers
If you are visiting our site from outside of the United States, please note that our site is hosted in the United States. Where permitted by applicable law, we may transfer the personal data we collect about you to the United States and other jurisdictions that may not be deemed to provide the same level of data protection as your home country, as necessary for the purposes set out in this notice.
For individuals in the European Union, European Economic Area, Switzerland, and United Kingdom: We will only transfer Personal Data to third parties located outside of this region when it has ensured appropriate safeguards for such Personal Information through use of the standard contractual clauses or other lawful and approved methods. To request a copy of applicable cross-border data transfer agreements, please reach out to us.
Changes to this Privacy Notice
We may update this Privacy Notice from time to time. Updates may describe new features, products or services. Updates may also describe changes in how we use your personal information or to your controls. We will not apply changes to this Privacy Notice retroactively to personal information we have previously collected. Since we may make changes, we recommend that you read the current version of this Privacy Notice from time to time. If we change this notice, we will update the “Effective Date” at the beginning of this notice.
Contact Information
If you have questions or concerns about this Privacy Notice, our information handling practices, or any other aspect of privacy and security of your personal information, please contact us at: [email protected].
You may also write to us at:
Rx Savings, LLC
ATTN: Privacy Officer (Privacy Notice, RxSS Services)
5440 W. 110th Street, Suite 200
Overland Park, KS 66211
Spanish
Fecha de entrada en vigor: 9 de julio de 2025
En Rx Savings Solutions (“RxSS”, “McKesson”, “nuestro”, “nos” o “nosotros”), valoramos la confianza que los clientes, pacientes, planes de salud y empleados de atención médica depositan en nosotros para usar y proteger la información personal. Este Aviso de privacidad le informa cómo usaremos, compartiremos y protegeremos su información personal. Cuando crea una cuenta con nosotros y utiliza nuestros servicios o nos proporciona información personal, acepta las prácticas de privacidad descritas en este Aviso de privacidad.
Lea este Aviso de privacidad en su totalidad para comprender nuestras prácticas de privacidad antes de utilizar nuestros servicios o enviar cualquier información personal. Los servicios se refieren a aquellos que le proporcionamos como usuario registrado a través de un portal en línea o una aplicación móvil.
Alcance
Este Aviso de privacidad se aplica a nuestro uso de la información personal que recopilamos cuando usted utiliza cualquiera de nuestros servicios (a través de nuestro portal en línea o nuestra aplicación móvil) o en el curso normal de nuestras operaciones. Estos portales en línea/aplicaciones móviles (URL) pueden incluir:
- https://portal.rxsavingsolutions.com
- https://auth.rxsavingsoltuions.com
- https://account.rxsavingsolutions.com
- Aplicación móvil de RxSS
Este Aviso de privacidad no se aplica a:
- Proveedores y consultorios de salud individuales que tienen avisos de privacidad o avisos de prácticas de privacidad independientes.
- Las filiales y subsidiarias de RxSS que pueden tener sitios web, subdominios y aplicaciones independientes a través de otras plataformas web, móviles, en la nube o SaaS que no están sujetas a este Aviso de privacidad.
- Los socios comerciales de RxSS, las redes publicitarias y otros terceros que pueden tener sus propios sitios web y servicios con avisos de privacidad independientes.
Le recomendamos que lea los avisos de privacidad de todos los sitios web y aplicaciones que visite para que comprenda sus prácticas de privacidad.
Información personal que recopilamos
Cuando utiliza nuestros servicios, podemos recopilar información personal sobre usted. La información personal que podemos recopilar incluye, entre otros:
- Nombre.
- Edad.
- Fecha de nacimiento.
- Dirección particular.
- Número de teléfono personal (casa y celular).
- Dirección de correo electrónico personal.
- Número de teléfono comercial (oficina y celular).
- Dirección de correo electrónico comercial.
- Número de identificación o cuenta del seguro médico.
- Nombres de medicamentos.
- Productos o equipos médicos utilizados.
- Código de diagnóstico/descripción (información de la afección).
- Número de seguridad social/de seguro social.
- Nombre de usuario y contraseña.
- Productos/servicios usados por una persona.
- Información de geolocalización/GPS.
- Dirección IP.
- Tipo de navegador del usuario.
- Sistema operativo del usuario.
- Actividad del dispositivo/usuario (como información de inicio y cierre de sesión, sitios/páginas visitadas, n.° de visitas, flujo de clics, navegación, señales de baliza, errores, tasa de fallos u otras actividades del usuario).
- Preferencias de comunicación, como notificaciones por mensaje de texto o correo electrónico y su frecuencia.
- Información que usted nos proporciona directamente:
- Cuando utiliza nuestros servicios.
- Cuando utiliza funciones sin conexión relacionadas con nuestros servicios, como comunicarse con nosotros por teléfono, correo electrónico o en persona.
- Cuando interactúa con nosotros en el curso normal de operaciones.
La información personal puede combinarse con información que no le identifica. Si combinamos información que no le identifica con su información personal, se tratará como información personal. También podemos recopilar información sobre usted de nuestros clientes, su plan médico (o su entidad administradora), administradores de beneficios de farmacia (PBM), bancos de datos, agregadores, otras unidades de negocio, afiliados, junto con datos disponibles públicamente que podemos combinar con la información que ya tenemos sobre usted.
Tecnologías de rastreo que utilizamos
Utilizamos diversas tecnologías para recopilar información personal, entre las que se incluyen:
Registros del servidor web.
- Como ocurre con la mayoría de los sitios web y aplicaciones, recopilamos cierta información automáticamente y la almacenamos en archivos de registro. Esta información puede incluir direcciones IP, tipo de navegador, proveedor de servicios de Internet, páginas de referencia/salida, sistema operativo, marca de fecha/hora y/o datos de flujo de clics.
Cookies
- Nosotros y nuestras subsidiarias, socios comerciales, socios de marketing, afiliados, u otros proveedores pueden utilizar cookies. Las cookies identifican de forma única el dispositivo o la cuenta de usuario.
Servicios de geolocalización
- Cuando usted nos permite rastrear su ubicación, podemos recopilar información sobre su ubicación relacionada con nuestros servicios. Utilizamos varias tecnologías para determinar la ubicación, como los datos de los sensores de su dispositivo que pueden proporcionar información de los puntos de acceso Wi-Fi y las torres de telefonía móvil cercanos.
Otras tecnologías de rastreo
- Nosotros y nuestras subsidiarias, socios comerciales, socios de marketing, afiliados, u otros proveedores de servicios también pueden utilizar tecnologías como balizas web, almacenamiento local para recopilar y almacenar su información y preferencias (como HTML5), scripts y etiquetas.
Estas tecnologías de rastreo se utilizan para:
- Analizar tendencias.
- Recopilar las opciones de los usuarios sobre nuestro uso de la información personal.
- Recopilar información demográfica sobre nuestros usuarios en su conjunto.
- Realizar servicios de diagnóstico, como informes de errores.
- Mejorar el sitio o los servicios.
- Realizar análisis de datos y auditorías.
- Recordar la configuración del usuario.
- Rastrear el movimiento de los usuarios a través de nuestras plataformas.
- Activar los servicios de red de un usuario para conectarse a los servicios de su producto u otras fuentes de datos.
- Ejecutar consultas de búsqueda en la propia información del usuario o del cliente (como la base de datos).
Podemos recibir informes basados en el uso de tecnologías de rastreo de forma individual y agregada. Si la información de rastreo que recopilamos se considera información de identificación individual, los datos se tratan como Información médica protegida (Protected Health Information, “PHI”) en virtud de la Ley de Portabilidad y Responsabilidad de Seguros Médicos (Health Insurance Portability and Accountability Act, “HIPAA”). El uso y la divulgación de dichos datos cumplirá con las normas de privacidad y seguridad de HIPAA.
Cómo utilizamos la información personal recopilada
Podemos utilizar la información personal que recopilamos para fines tales como:
- Soporte al cliente y resolución de problemas.
- Servicios de migración y/o instalación de datos.
- Detección y depuración de errores.
- Auditoría, monitoreo o detección de fraudes.
- Iniciativas de marketing y avisos.
- Actividades de investigación.
- Servicios administrados.
- Servicios de red o de alojamiento.
- Mejora y desarrollo del servicio.
- Servicios de pruebas de rendimiento.
- Servicios de informes o análisis de datos.
- Inteligencia artificial.
- Comunicaciones a través de correo electrónico, fax, correo postal, notificaciones en dispositivos móviles o mensajes de texto.
- Servicios personalizados y preferencias de usuario personalizadas basadas en el contenido del sitio.
- Concursos/encuestas, que son completamente voluntarios. Podemos utilizar un proveedor de servicios externo para realizar estas encuestas o concursos. Los datos de las encuestas pueden compartirse con su plan médico, pero no se compartirá más la información personal que proporcione a menos que obtengamos su autorización.
- Podemos asociarnos con un tercero para administrar nuestra publicidad.Nuestros socios externos pueden utilizar cookies y otras tecnologías para recopilar información sobre sus actividades en este sitio web y otros sitios web para proporcionarle contenido publicitario basado en sus actividades e intereses de navegación. Si no desea que esta información se utilice con el fin de mostrarle anuncios basados en intereses, puede optar por no participar a través de nuestro administrador de consentimiento de cookies, de acuerdo con los derechos asociados a su geolocalización.
- Boletines informativos. Podemos utilizar su nombre y dirección de correo electrónico para enviarle nuestro boletín informativo y obtendremos su consentimiento previo cuando así lo exija la ley. Puede optar por dejar de recibir nuestro boletín informativo o correos electrónicos de marketing siguiendo las instrucciones para cancelar la suscripción incluidas en esos correos electrónicos, o comunicándose con nosotros utilizando la información de contacto que se indica a continuación.
Cómo compartimos la información personal recopilada
Podemos compartir información personal con otras filiales de McKesson o nuestros clientes, como planes médicos (o su entidad administradora) y administradores de beneficios de farmacia (pharmacy benefit managers, PBM) cuando lo permita la ley y se hayan ejecutado los acuerdos o autorizaciones aplicables. Podemos proporcionar su información personal a terceros que proporcionan servicios para ayudarnos con nuestras actividades comerciales. Estas actividades comerciales pueden incluir la detección de fraudes, los servicios de monitoreo, los servicios de procesamiento de pagos, los servicios de red o alojamiento, los servicios de seguridad, las iniciativas de marketing y publicidad y los servicios de envío. Estas compañías están autorizadas a usar su información personal solo según sea necesario para proporcionarnos estos servicios.
Algunas de nuestras páginas web pueden proporcionar hipervínculos a sitios asociados o la capacidad de compartir información con esos socios directamente desde nuestro sitio. Si usted proporciona información personal en un formulario web afiliado a un socio, se la está proporcionando a nuestros socios y no directamente a nosotros. En esas circunstancias, se aplican las políticas de privacidad de dichos socios.
Es posible que necesitemos compartir información con otras empresas, organizaciones o personas si creemos de buena fe que el acceso, el uso, la preservación o la divulgación de esa información es razonablemente necesario para:
- Cumplir con las leyes, regulaciones, procesos legales o solicitudes gubernamentales exigibles aplicables.
- Hacer cumplir los términos de servicio aplicables, incluida la investigación de posibles infracciones.
- Detectar, prevenir o abordar de otro modo el fraude, la seguridad o los problemas técnicos.
- Proteger contra daños a los derechos, la propiedad o la seguridad de nuestros usuarios, McKesson o el público, según lo exija o permita la ley.
- Participar en una fusión, adquisición, reorganización o venta de la totalidad o una parte de los activos de McKesson.
Sus opciones
Puede limitar la información personal que tenemos al elegir no proporcionar cierta información. Puede optar por dejar de recibir comunicaciones de RxSS siguiendo las instrucciones para cancelar la suscripción que se incluyen en dichas comunicaciones o al comunicarse con nosotros mediante la información de contacto que se muestra a continuación.
Acceso a la información personal
Puede ver, editar o eliminar ciertos elementos de información personal en la configuración de su cuenta/perfil. Otra información personal que nos proporcionen terceros (como su plan médico) y que sea visible cuando accede a su cuenta con los servicios, pero que no puede eliminarse ni editarse en la configuración de su cuenta/perfil. Las preguntas relacionadas con el acceso pueden dirigirse a [email protected].
Privacidad de los menores
No recopilamos ni solicitamos intencionalmente información personal de menores, según se define en la ley aplicable, sin el consentimiento verificado por escrito de los padres, y no tenemos conocimiento real de la venta de dicha información personal de menores de 16 años. Si nos enteramos de que hemos recopilado información personal de un menor, tomaremos medidas de inmediato para eliminar dicha información. Si cree que podríamos tener información de o sobre un menor, comuníquese con nosotros a [email protected].
Retención Conservaremos su información personal hasta que su plan médico termine el servicio, según sea necesario para cumplir con nuestras obligaciones legales, resolver disputas o hacer cumplir nuestros acuerdos.
Cómo protegemos su información
Protegemos la información que recopilamos con las medidas de seguridad físicas, electrónicas y administrativas adecuadas. Solo permitimos que nuestros empleados, contratistas y agentes accedan a la información personal si lo necesitan para realizar servicios en nuestro nombre. También están sujetos a obligaciones de confidencialidad.
Cualquier información personal confidencial se transmite de forma cifrada mediante encriptación SSL. A pesar de que tenemos salvaguardas de seguridad, es imposible garantizar el 100 % de seguridad. Si tiene alguna pregunta sobre seguridad o cree que sus interacciones con nosotros ya no son seguras (por ejemplo, siente que su cuenta con nosotros se ha visto comprometida), debe notificarnos de inmediato por correo electrónico a [email protected].
Uso internacional y transferencias transfronterizas de datos
Si usted visita nuestro sitio desde fuera de los Estados Unidos, tenga en cuenta que este se encuentra alojado en los Estados Unidos. Cuando la ley aplicable lo permita, podemos transferir los datos personales que recopilamos sobre usted a los Estados Unidos y otras jurisdicciones que podrían no ofrecer el mismo nivel de protección de datos que su país de origen, según sea necesario para los fines establecidos en este aviso
Para personas de la Unión Europea, el Espacio Económico Europeo, Suiza y el Reino Unido: solo transferiremos datos personales a terceros ubicados fuera de esta región cuando se hayan establecido las garantías adecuadas para dicha Información personal, mediante el uso de las cláusulas contractuales estándar u otros métodos legales y aprobados. Para solicitar una copia de los acuerdos de transferencia transfronteriza de datos aplicables, comuníquese con nosotros.
Cambios a este Aviso de privacidad
Es posible que actualicemos este Aviso de privacidad de vez en cuando. Las actualizaciones pueden describir nuevas características, productos o servicios. Las actualizaciones también pueden describir cambios en la forma en que usamos su información personal o en sus controles. No aplicaremos los cambios a este Aviso de privacidad de forma retroactiva a la información personal que hayamos recopilado anteriormente. Dado que podemos realizar cambios, le recomendamos que lea la versión actual de este Aviso de privacidad de vez en cuando. Si cambiamos este aviso, actualizaremos la “Fecha de entrada en vigor” al comienzo de este aviso.
Información de contacto
Si tiene preguntas o inquietudes acerca de este Aviso de privacidad, nuestras prácticas de manejo de la información o cualquier otro aspecto de la privacidad y seguridad de su información personal, comuníquese con nosotros a: [email protected].
También puede escribirnos a:
Rx Savings, LLC
A/A: Funcionario de privacidad (Privacy Officer) (Aviso de privacidad, RxSS Services)
5440 W. 110th Street, Suite 200
Overland Park, KS 66211
Effective Date: May 1, 2023
Last Updated: April 1, 2022
At Rx Savings, LLC d/b/a Rx Savings Solutions (“Rx Savings”, “RxSS”, “our”, “us”, or “we”), we value the trust that patients, employees, health plans or payers, governmental entities or agencies, pharmaceutical or drug manufacturers and other consumers/customers place in us to appropriately use and protect personal information.
This Privacy Notice applies to our use of personal information we collect in connection with your use of Rx Savings Solutions or in the ordinary course of business. It also informs how Rx Savings Solutions will use, share and protect personal information about you. By using Rx Savings Solutions or providing personal information, you accept the privacy practices in this Privacy Notice. Please read this Privacy Notice in full to understand our privacy practices before using Rx Savings Solutions or submitting any personal information.
Scope
This Privacy Notice applies to Rx Savings Solutions’ sites (i.e. https://rxss.com; https://portal.rxsavingssolutions.com; https://client.rxsavingssolutions.com). This Privacy Notice does not apply to:
- Rx Savings Solutions affiliates and subsidiaries that may have separate websites, subdomains, and applications through other web, mobile, cloud or SaaS platforms which are not subject to this Privacy Notice.
- Rx Savings Solutions business partners, ad networks and other third parties that may have their own websites and services with separate privacy practices.
We encourage you to read the privacy notices of all websites and applications that you visit and understand their privacy practices.
Personal Information We Collect
In connection with your use of Rx Savings Solutions, we may collect personal information about you. The personal information we may collect includes, but is not limited to:
- First name, middle name, last name
- Age, date of birth, gender, marital status
- Personal home address, personal telephone number (home, cell, fax, etc.), electronic mail address, business electronic mail address, business telephone number (office, cell, fax, etc.)
- Claims data, Rx/prescription number, drugs, therapies, medical products, or equipment used, dates (admission date, discharge date, date of death, treatment date, etc.), mental health information, health insurance identification or account number, diagnosis code/description
- Professional and employment information
- User ID and password, answers to password reset questions, children’s information, social security/social Insurance number, trade union membership, details of financial transactions (e.g., account balance, payment history, overdraft history, purchase history), Medicare or Medicaid number, signature (electronic or digitized image)
- Insurance claim history, products/services used by an individual, other sensitive personal information, certain drug-utilization/claims history could reveal sensitive diagnoses and health care services received by the individual.
- IP address, user’s browser type, user’s operating system, device/user activity (such as login-logout info, sites/pages visited, number of visits, click stream, navigation, beacon signal hits, errors, crash rate, or other user activities), marketing preference such as text message or email notification and frequency, geo-location/GPS information
- Information about you that you share or make visible on the Internet
- From third party entities, such as health plans, pharmacies, and pharmacy benefit managers (PBMs), governmental entities/agencies, pharmaceutical manufacturers, Medispan, NCPDP, and Gold Standard
- Information you provide directly to us:
- When you use the Rx Savings Solutions website, app, or client portal;
- When you use offline features related to Rx Savings Solutions, such as communicating with us by phone, e-mail, or in person; or
- When you interact with us in the ordinary course of business.
Personal information may be aggregated with other information that may not be considered personal information. If we combine your non-personal information with personal information, the combined information will be treated as personal information.
Tracking Technologies We Use
We use various technologies to collect personal information. These technologies include the following:
- Web server logs
- As is true of most websites and applications, we gather certain information automatically and store it in log files. This information may include IP addresses, browser type, internet service provider, referring/exit pages, operating system, date/time stamp and/or clickstream data.
- Cookies
- We and our subsidiaries, business partners, marketing partners, affiliates, or other vendors may use cookies. Cookies uniquely identify the device or user account you use. You can control the use of cookies by adjusting your browser preferences at any time. If you reject cookies, you may still use our Rx Savings Solutions. However, rejecting cookies may limit your ability to use some parts of our Rx Savings Solutions.
- Geo-location Services
- When you allow us to track your location, we may collect information about your location and use it to match your location for appropriate Rx Savings Solutions. We use various technologies to determine location, such as sensor data from your device that may provide information on nearby Wi-Fi access points and cell towers.
- Other Tracking Technologies
- We and our subsidiaries, business partners, marketing partners, affiliates, or other service providers may also use technologies such as local shared objects (flash cookies), web beacons, tags and scripts.
- We also use local storage (example: HTML5) to collect and store content information and preferences. Our third-party partners who provide certain features or display advertising on our site may do the same. Your browser may offer tools for removing HTML5 local storage.
These tracking technologies are used:
- To analyze trends
- To gather demographic information about users
- To perform diagnostic services in order to improve the site or service
- To collect user choices about our use of personal information
- To perform data analysis and audits
- To remember user’s settings
- To track user’s movement through our platforms
- To optimize your experience and connect you with available pharmacies based on your location
We may receive reports based on the use of tracking technologies on an individual and aggregated basis. If the tracking information we collect is considered individually identifiable information, the data is treated as Protected Health Information (”PHI”) under the Health Insurance Portability and Accountability Act (”HIPAA”). Use and disclosure of such data will comply with HIPAA’s Privacy and Security rule.
How We Respond to “Do Not Track” Signals
Some web browsers have a ”Do Not Track” feature. This feature allows you to tell websites you visit that you do not want your online activity tracked over time and across websites. You may adjust these preferences at any time by adjusting your cookie settings and/or individual browser’s settings.
How We Use the Personal Information Collected
We may use the personal information we collect for purposes such as:
- To register you and respond to your requests
- Customer and troubleshooting support
- Data migration and/or installation services
- Error detection and debugging
- Research activities
- Marketing initiatives
- Communications via email, fax, mail, newsletters, mobile badge notifications, or text message
- Managed services, network, or hosting services
- Reporting or data analytics services, such as your search queries
- Personalized user service or customized site-content based user preferences
- Fraud detection or monitoring services
- Performance testing services and optimization services
We may also use the information collected for the following purposes:
- Surveys
- If you participate in surveys, we will request certain personal information from you. Participation in these surveys is completely voluntary and you have a choice whether to disclose this information. We may use a third-party service provider to conduct these surveys. We will not share the personal information you provide through a contest or survey with other third parties unless we give you prior notice and choice.
- Advertising
- We partner with third parties to manage our advertising. Our third-party partners may use cookies and other technologies to gather information about your activities on this website and other websites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out.
How We Share Personal Information Collected
- We do not sell your personal information to third parties, but we may sell data that has been de-identified.
Rx Savings Solutions may also need to share information with companies, organizations, or individuals outside of Rx Savings Solutions if we have a good faith belief that access, use, preservation, or disclosure of that information is reasonably necessary to:
- Meet applicable laws, regulations, legal processes, or enforceable governmental requests;
- Enforce applicable Terms of Service, including investigation of potential violations;
- Detect, prevent, or otherwise address fraud, security, or technical issues;
- Protect against harm to the rights, property or safety of our users, Rx Savings Solutions , or the public as required or permitted by law; or
- Engage in a merger, acquisition, reorganization, or sale of all or a portion of McKesson assets.
Your Choices
You can limit the personal information you disclose to us by choosing not to provide it to us or by failing to provide information through any offline features or in the ordinary course of business.
You may choose to stop receiving our newsletter or marketing communications by following the unsubscribe instructions included in those communications, or by contacting us using the contact information listed below.
Access to Personal Information
You may review and change your personal information by logging into your Service account profile and updating it. You may also modify your personal prescription medication profile at any time by logging into your account.
We are ready to assist you in checking or changing your personal profile. You may reach us by the “Contact Us” page of www.rxss.com or by emailing [email protected].
Retention
We will retain your personal information while your account is active, as necessary to comply with our legal obligations, to resolve disputes or enforce our agreements. Your information will never be kept longer than six years.
Health Insurance Portability and Accountability Act (”HIPAA”)
As a provider of services and technology to the healthcare industry, Rx Savings Solutions has implemented programs to address the HIPAA privacy and security requirements.
Children’s Privacy
Rx Savings Solutions is not intended for users under the age of 13. We do not knowingly collect personal information from children under the age of 13. Users under the age of 13 should not submit any personal information or use Rx Savings Solutions.
How We Protect Your Information
We protect the information we collect with appropriate physical, electronic and administrative safeguards. We only allow our employees, contractors, and agents to access personal information if they need access to perform services. They are also subject to confidentiality obligations.
Any sensitive personal information is transmitted in an encrypted form using SSL encryption. Even though we have security safeguards, it is impossible to guarantee 100% security. If you have any questions about security or believe that your interactions with us are no longer secure (for example, you feel that your account with us has been compromised), you must immediately notify us by contacting Rx Savings Solutions at [email protected].
Changes to this Privacy Notice
We may update this Privacy Notice from time to time. Updates may describe new features, products or services. Updates may also describe changes in how we use your personal information or to your controls. We will not apply changes to this Privacy Notice retroactively to personal information we have previously collected. Since we may make changes, we recommend that you read the current version of this Privacy Notice from time to time. If we make changes to this notice, we will update the “Effective Date” at the beginning of this notice.
Contact Information
If you have questions or concerns about this Privacy Notice, our information handling practices, or any other aspect of privacy and security of your personal information, please contact us at: [email protected] or write to us at:
Rx Savings, LLC
Attn: Privacy Officer (Privacy Notice, Rx Savings)
5440 W. 110th Street, Suite 200
Overland Park, KS 66211
[email protected]
Effective Date: July 9, 2025
At Rx Savings Solutions (“RxSS”, “McKesson”, “our”, “us”, or “we”), we value the trust that healthcare customers, patients, health plans, and employees place in us to use and protect personal information. This Privacy Notice informs you how we will use, share and protect your personal information. When you create an account with us and use our Services or provide us with personal information, you accept the privacy practices described in this Privacy Notice.
Please read this Privacy Notice in full to understand our privacy practices before you use our services or submit any personal information. The Services mean those we provide to you as a registered user via an online portal or mobile application.
Scope
This Privacy Notice applies to our use of personal information we collect when you use any of our Services (via our online portal or our mobile application) or in the ordinary course of business. These online portals /mobile applications (URLs) may include:
- https://portal.rxsavingsolutions.com
- https://auth.rxsavingsoltuions.com
- https://account.rxsavingsolutions.com
- RxSS Mobile Application
This Privacy Notice does not apply to:
- Individual health providers and practices who have separate privacy notices or Notice of Privacy Practices.
- RxSS’s affiliates and subsidiaries that may have separate websites, subdomains, and applications through other web, mobile, cloud or SaaS platforms which are not subject to this Privacy Notice.
- RxSS’s business partners, ad networks and other third parties that may have their own websites and services with separate privacy notices.
We encourage you to read the privacy notices of all websites and applications that you visit so that you understand their privacy practices.
Personal Information We Collect
When you use our Services, we may collect personal information about you. The personal information we may collect includes, but is not limited to:
- Name
- Age
- Date of birth
- Personal home address
- Personal telephone number (home & cell)
- Personal electronic mail address
- Business telephone number (office & cell)
- Business electronic mail address
- Health insurance identification or account number
- Drug names
- Medical products or equipment used
- Diagnosis code/description (condition information)
- Social security/social insurance number
- User ID and password
- Products/services used by an individual
- Geo-Location/GPS information
- IP address
- User’s browser type
- User’s operating system
- Device/user activity (such as Login-Logout info, sites/pages visited, # of visits, click stream, navigation, beacon signal hits, errors, crash rate, or other user activities)
- Communication preferences, such as text message or email notification and frequency
- Information you provide directly to us:
- When you use our Services.
- When you use offline features related to our Services, such as communicating with us by phone, e-mail, or in person.
- When you interact with us in the ordinary course of business.
Personal information may be combined with information that does not identify you. If we combine information that does not identify you with your personal information, it will be treated as personal information. We may also gather information about you from our customers, your health plan (or its management entity), pharmacy benefit managers (PBM), data banks, aggregators, other business units, affiliates, along with publicly available data that we may combine with information we already have about you.
Tracking Technologies We Use
We use various technologies to collect personal information including:
Web server logs
- As is true of most websites and applications, we gather certain information automatically and store it in log files. This information may include IP addresses, browser type, internet service provider, referring/exit pages, operating system, date/time stamp and/or clickstream data.
Cookies
- We and our subsidiaries, business partners, marketing partners, affiliates, or other vendors may use cookies. Cookies uniquely identify the device or user account.
Geo-location Services
- When you allow us to track your location, we may collect information about your location related to our Services. We use various technologies to determine location, such as sensor data from your device that may provide information from nearby Wi-Fi access points and cell towers.
Other Tracking Technologies
- We and our subsidiaries, business partners, marketing partners, affiliates, or other service providers may also use technologies such as web beacons, local storage to collect and store your information and preferences (such as HTML5), scripts, and tags.
These tracking technologies are used to:
- Analyze trends
- Collect user choices about our use of personal information
- Gather demographic information about our users as a whole
- Perform diagnostic services, such as error reporting
- Improve the site or Services
- Perform data analysis and audits
- Remember user’s settings
- Track user’s movement through our platforms
- Activate a user’s network services to connect to their product’s services or other data sources
- Run search queries in user or customer’s own information (such as database)
We may receive reports based on the use of tracking technologies on an individual and aggregated basis. If the tracking information we collect is considered individually identifiable information, the data is treated as Protected Health Information (”PHI”) under the Health Insurance Portability and Accountability Act (”HIPAA”). Use and disclosure of such data will comply with HIPAA’s Privacy and Security rule.
How We Use the Personal Information Collected
We may use the personal information we collect for purposes such as:
- Customer and troubleshooting support
- Data migration and/or installation services
- Error detection and debugging
- Auditing, monitoring, or fraud detection
- Marketing initiatives & notices
- Research activities
- Managed services
- Network or hosting services
- Service improvement and development
- Performance testing services
- Reporting or data analytics services
- Artificial intelligence
- Communications via, email, fax, mail, mobile badge notifications, or text message
- Personalized Services and customized site-content based user preferences
- Contests / Surveys, which are completely voluntary. We may use a third-party service provider to conduct these surveys or contests. Survey data may be shared with your Health Plan but will not further share the personal information you provide unless we obtain your authorization.
- We may partner with a third party to manage our advertising.Our third-party partners may use cookies and other technologies to gather information about your activities on this website and other websites to provide you advertising content based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt out via our cookie consent manager, according to the rights associated to your geo location.
- We may use your name and email address to send you our newsletter and will obtain your prior consent when required by law. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in those emails, or by contacting us using the contact information listed below.
How We Share Personal Information Collected
We may share personal information with other Mckesson affiliates or our clients, such as health plans, (or its management entity), and pharmacy benefit managers (PBM) when permitted by law and applicable agreements or authorizations have been executed. We may provide your personal information to third parties that provide services to help us with our business activities. These business activities may include fraud detection, monitoring services, payment processing services, network or hosting services, security services, marketing and advertising initiatives and shipping services. These companies are authorized to use personal information about you only as necessary to provide these services to us.
Some of our webpages may provide hyperlinks to partner sites or the ability to share information to those partners directly from our site. If you provide personal information in a partner-affiliated web form, you are providing it to our partners and not directly to us. In those circumstances, the privacy policies of those partners apply.
We may need to share information with other companies, organizations or individuals if we have a good faith belief that access, use, preservation, or disclosure of that information is reasonably necessary to:
- Meet applicable laws, regulations, legal processes, or enforceable governmental requests
- Enforce applicable Terms of Service, including investigation of potential violations
- Detect, prevent, or otherwise address fraud, security or technical issues
- Protect against harm to the rights, property or safety of our users, McKesson, or the public as required or permitted by law
- Engage in a merger, acquisition, reorganization, or sale of all or a portion of McKesson assets.
Your Choices
You can limit the personal information we have by choosing not to provide certain information. You may choose to stop receiving RxSS communications by following the unsubscribe instructions included in those communications, or by contacting us using the contact information listed below.
Access to Personal Information
You may view, edit, or delete certain elements of personal information in your account/profile settings. Other personal information provided to us by third parties (such as your health plan) and visible when you access your account with the Services but may not be removed or edited in your account/profile settings. Questions regarding access can be directed to [email protected].
Children’s Privacy
We do not knowingly collect or solicit any personal information from children, as defined under applicable law, without verified written parental consent, and we have no actual knowledge of selling such Personal Information of minors under 16 years of age. If we learn that we have collected Personal Information from a child, we will promptly take steps to delete that information. If you believe we might have any information from or about a child, please contact us at [email protected].
Retention We will retain your personal information until your health plan terminates service, as necessary to comply with our legal obligations, resolve disputes or enforce our agreements.
How We Protect Your Information
We protect the information we collect with proper physical, electronic and administrative safeguards. We only allow our employees, contractors, and agents to access personal information if they need access to perform services on our behalf. They are also subject to confidentiality obligations.
Any sensitive personal information is transmitted in an encrypted form using SSL encryption. Even though we have security safeguards, it is impossible to guarantee 100% security. If you have any questions about security or believe that your interactions with us are no longer secure (for example, you feel that your account with us has been compromised), you must notify us immediately by email at [email protected].
International Use and Cross-Border Data Transfers
If you are visiting our site from outside of the United States, please note that our site is hosted in the United States. Where permitted by applicable law, we may transfer the personal data we collect about you to the United States and other jurisdictions that may not be deemed to provide the same level of data protection as your home country, as necessary for the purposes set out in this notice.
For individuals in the European Union, European Economic Area, Switzerland, and United Kingdom: We will only transfer Personal Data to third parties located outside of this region when it has ensured appropriate safeguards for such Personal Information through use of the standard contractual clauses or other lawful and approved methods. To request a copy of applicable cross-border data transfer agreements, please reach out to us.
Changes to this Privacy Notice
We may update this Privacy Notice from time to time. Updates may describe new features, products or services. Updates may also describe changes in how we use your personal information or to your controls. We will not apply changes to this Privacy Notice retroactively to personal information we have previously collected. Since we may make changes, we recommend that you read the current version of this Privacy Notice from time to time. If we change this notice, we will update the “Effective Date” at the beginning of this notice.
Contact Information
If you have questions or concerns about this Privacy Notice, our information handling practices, or any other aspect of privacy and security of your personal information, please contact us at: [email protected].
You may also write to us at:
Rx Savings, LLC
ATTN: Privacy Officer (Privacy Notice, RxSS Services)
5440 W. 110th Street, Suite 200
Overland Park, KS 66211
