CURASCRIPTSD GALILEO SITE PRIVACY POLICY

 

Version 2.0. Last Revised: 3/17/2018

 

This Privacy Policy is provided by Priority Healthcare Distribution, Inc. (“CuraScriptSD”, “we”, “us” or “our”) to all visitors (“you” or “your”) who use the CuraScriptSD Galileo site located at https://www.CurascriptOnline.com/Galileo/Galileo.aspx (the “Site”) and Registered Users of the Galileo Website.  The Site is provided to you as a service to disseminate information regarding our specialty distribution related services and enable certain online interactions with us and includes the Galileo Website.  The “Galileo Website” is a Registered User-only account portal available through the Site which enables Registered Users to receive, view, and/or run reports regarding use of certain pharmaceutical products.  “Registered Users” are authorized representatives of pharmaceutical manufacturers that have completed the registration process for website access. 

 

We are firmly committed to protecting the confidentiality and security of your Personal Information.  The term “Personal Information” means any information which can be used to identify a person including by way of example, but not limitation, name, date of birth, mailing address, social media and other third party platform account identifiers, home phone number, mobile phone number, e-mail address, credit card information, and/or Social Security number.

 

COLLECTION, USE, AND DISCLOSURE OF PERSONAL INFORMATION

 

How We Collect Your Personal Information

 

Registration

Registration is optional; however, Registered Users are provided access to the Galileo Website and to information and online services not provided on the public website, as well as the ability to login to the Galileo Website when revisiting the Site.  To register, you must first contact a customer support or sales representative and provide certain Personal Information.  The Personal Information you disclose to us during registration and in connection with the Galileo Website is provided strictly on a voluntary basis.  We may also collect Non-Personal Information during the registration process as described above. 

 

Analytics

We may use certain in-house or third-party functionality to log and analyze your communications with us and interactions with the Site.  This functionality enables us to communicate with you about our services, and to monitor the services provided to you, so that we can improve your Site experience and address certain Site or benefit related issues.  These third parties will be required to protect your Personal Information in a manner consistent with this Privacy Policy.  Other analytics capabilities are reflected in the description of Non-Personal Information.

 

Others Uses and Disclosure of Your Personal Information

We will not use or disclose your Personal Information in a manner inconsistent with applicable law or this Privacy Policy.  Examples of our uses and disclosures include:

  • We may share your Personal Information with selected service providers or consultants acting on our behalf. Those third parties will be required to protect your Personal Information in a manner consistent with this Privacy Policy.
  • We may share your Personal Information with other CuraScriptSD companies (i.e., entities which are controlling, controlled by, or under common control with CuraScriptSD) to provide you with more personalized and enhanced services.
  • We may disclose your Personal Information to relevant third parties such as auditors, lawyers, or other professional advisors.
  • We may utilize selected service providers to make targeted non-personal communications to an aggregated audience regarding our offerings and other potentially relevant benefit information of interest to you.
  • We may use your Personal Information and Non-Personal Information in communicating with you via e-mail, facsimile, letter, text message, mobile application, through the Site via a pop-up message, or otherwise.
  • We may send you promotional offers or marketing information that may be of interest to you.
  • We may use third-party agents for purposes of communicating with you and/or collecting information from you
  • Statements here and elsewhere on the Site concerning the treatment of your Personal Information may not apply with respect to information already in our possession.

 

Compelled and Necessary Disclosures

In certain circumstances, we may be legally compelled to release your Personal Information in response to a court order, subpoena, search warrant, or law or regulation.  In addition, we may disclose your Personal Information as reasonably necessary in accordance with law to protect the rights or property of us, our affiliates, and our users, or to enforce the terms and conditions associated with the Site including this Privacy Policy and the Terms of Use.

 

How You Can Correct/Update Your Personal Information

You can correct or update your Personal Information at any time using the following options:

  • Via the telephone: Call the number listed on your pharmaceutical organization’s contract to update your Personal Information.

 

COLLECTION, USE, AND DISCLOSURE OF NON-PERSONAL INFORMATION

 

Collection of Non-Personal Information

When you visit the Site, and during your interactions with the Site, we may collect Non-Personal Information from you.  “Non-Personal Information” means a data element or collection of data elements that by itself cannot ordinarily be associated with a specific individual.  Non-Personal Information includes by way of example but not limitation, the Internet browser or computer operating system you are using, your navigation of the Site including the pages of the Site that you access, the amount of time spent on various portions of the Site, the length and dates of your visits to the Site, and certain Site data captured through your interactions with the Site and other sites.  Non-Personal Information may include information provided by you through the Site or otherwise (e.g., through a third-party site) that is not Personal Information.  Certain Non-Personal Information may be collected on an aggregated, anonymous basis through web server logs, cookies, ad servers, tracking pixels, web beacons, and similar Internet tracking devices (collectively “Tracking Mechanisms”).  Web servers automatically collect Non-Personal Information, with your IP address, when you request pages of the Site or other sites.  Based on certain interactions with the Site, third-party sites, mailings, other communications with us, and/or our system configurations, certain Non-Personal Information may be associated with your Personal Information such that your Non-Personal Information is identifiable with you. 

 

You may be able to opt-out of certain third-party associations by following third party customization and/or opt-out options.  Google®, Twitter®, and LinkedIn® may provide customization and/or opt-out of certain Tracking Mechanisms through their respective sites.  For example, Google's Ads Settings, DoubleClick opt-out page, Twitter’s promoted content settings, LinkedIn account settings, and Network Advertising Initiative opt-out page may limit the collection and usage of certain third-party Tracking Mechanisms.

Use of Non-Personal Information

The collected Non-Personal Information may be used by us and our affiliated companies for a variety of analytic and developmental purposes including to improve and enhance the Site and our products and services, to create new products and services, to customize your experience on the Site and other sites that you visit on the Internet, to identify and/or offer products, services and website functionality that may be of interest to you, and other legitimate business purposes.

 

We may use different kinds of cookies including session ID cookies and persistent cookies.  Session ID cookies are used to personalize your user experience, to determine ways to improve the Site, Site content, and the services offered through the Site.  These cookies are deleted from your hard drive when you close your browser session.  Persistent cookies are used to collect non-personally identifiable information such as Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring/exit pages, platform type, date/time stamp and number of clicks. 

 

You may set your browser to accept cookies, warn you when a cookie is sent, or turn off all cookies (except Flash cookies).  Check your web browser’s help menu or your mobile device settings to find out how.  Some mobile devices store cookies not only in areas connected to the web browsers but also in an app-specific area, so you may have to check your app settings options to determine how to manage or delete cookies stored in these other areas.  If you do not accept cookies, some features, services, or activities available through the Site may not function correctly and you may be unable to access certain content. 

 

We may embed tracking pixels within various pages of the Site to enable use of site analytics.  The site analytics enable us to determine the usage frequency of various areas of the Site and identify areas of the Site for enhancement.  While you are visiting and after you leave the Site, we may use web beacons to notify you of areas of the Site and other aspects of our organization and its affiliated companies in which you may be interested.  Certain tracking pixels and web beacons may be cleared or reset through configuration of your web browser such as by clearing your cache.  We may use ad servers to provide you with offers of possible interest.

 

We use your IP address so that we can send data (such as the pages you request) to you and collect Non-Personal Information during the process.  We aggregate this Non-Personal Information with similar Non-Personal Information collected from other users to track overall visitor traffic patterns and help us understand Site usage and preferred and most frequently used pages, products and services, to provide you with better service, to improve Site use and functionality, and to provide you with information on other products and services that may be of interest to you. 

 

We may analyze Non-Personal Information in the aggregate to study outcomes, costs, and provider profiles, and to suggest benefit designs for employers or health plans.  These studies may generate Aggregate Data (described below) which we may utilize for a variety of purposes. 

 

We may perform statistical analyses of the traffic patterns, Site usage, and behaviors associated with the Site.  We may use these analyses to generate Aggregate Data from the original Non-Personal Information.  We may combine, separate, aggregate, or otherwise parse and process Non-Personal Information.  The parsing and processing of such information may generate Aggregate Data.  “Aggregate Data” is summary level data, such as the number of web visitors in a specific geographic area.  Aggregate Data does not contain information that can be used to identify or contact you, such as your name, address, telephone number or e-mail address, and does not reflect the original form of the Non-Personal Information collected from you. 

 

Disclosure of Non-Personal Information

We may disclose Non-Personal Information as follows:

  • We may share Non-Personal Information with our affiliated companies, third parties who provide services to us, and other parties that you have authorized.
  • We may disclose Aggregate Data to other companies or organizations for any legitimate business purpose.
  • We may disclose products and services developed using the Non-Personal Information, including products and services that disclose anonymous and/or deidentified Site data for any legitimate business purpose.
  • We will not sell your Non-Personal Information to other companies or organizations.

 

“Do No Track” Signals and Similar Mechanisms

Our Site does not respond to web browser “do not track” signals and similar mechanisms.  However, you may control certain Tracking Mechanisms as described above.

 

TRANSFER OF PERSONAL INFORMATION AND NON-PERSONAL INFORMATION

All Personal Information and Non-Personal Information obtained through our Site are owned by us.  Accordingly, if we are acquired, merge with another entity, or divest one or more of our businesses, affiliates or subsidiary companies, the Sites, and any Personal Information and Non-Personal Information obtained through them, may be transferred to an applicable entity for the purpose of continuation of services, in accordance with applicable law.

 

RETENTION AND DESTRUCTION OF PERSONAL INFORMATION

Subject to any applicable business, legal, or regulatory requirements, we securely destroy Personal Information when it is no longer required to fulfill our services and commitments to you or to enforce our rights or meet our obligations. 

 

THIRD-PARTY USAGE

We may use third parties to: (a) operate and maintain the server(s) on which the Site operates, (b) provide Tracking Mechanism(s) that we embed in or use with the Site, (c) provide advertisements and other information to you about the Site, products, and services through a third-party site based on a prior visit to the Site, (d) analyze communication with us and interactions with the Site, (e) de-identify data, and (f) collect Non-Personal Information from you (e.g., on your interactions and/or experience with the Site and/or us).  The third party may then share the Personal Information, Non-Personal Information, Aggregate Data, and/or other data with us.

 

USAGE BY CHILDREN

Our Site is neither intended for nor designed to attract users who are under the age of 18.  We are committed to preventing the unintentional collection of Personal Information from children under the age of 13.  Any Personal Information of a child under 13 that is provided to us must be provided by a parent or legal guardian, and not by a child under the age of 13 who is using the Site.

 

If you are the parent or legal guardian of a child under the age of 13 whom you have reason to believe has provided his or her own Personal Information to us, you have the right to request the removal of that child's Personal Information from our database.  In order to request such removal, please send an e-mail to privacy@express-scripts.com.  You will be required to verify your identity as the child’s parent or legal guardian in order to have their Personal Information removed.

 

LINKING POLICY

Our Site may contain hyperlinks allowing our users to connect to other websites owned by us and our affiliated companies and websites owned by our third-party vendors, distributors, and providers (“Linked Sites”).  You may also access our Site through a hyperlink embedded in a Linked Site.  We provide hyperlinks to the Linked Sites to enable you to conveniently access websites that may be of interest to you.  Please note that once you click on a hyperlink that transfers you from our Site to a Linked Site, you have left our Site, and this Privacy Policy will immediately cease to apply to any subsequent activity on the Linked Site.  We are under no obligation to notify you when you have left our Site and have accessed a Linked Site.  Use of any Linked Site will be governed by the privacy policy, terms of use, and/or other policies (if any) on the Linked Site.  You may, at your option, participate in surveys or provide other information to our affiliates that control a Linked Site, and that information may be shared with us or with others subject to the privacy policy terms set forth on that Linked Site.  Certain Non-Personal Information that you choose to provide through a Linked Site (such as comments) that is subsequently provided to us by the Linked Site provider in connection with a service engagement may be identifiable to us as your Personal Information.

 

SECURITY STATEMENT

We are committed to protecting the privacy and security of this Site.  We take reasonable technical and procedural precautions to protect the information received by us.  Our Internet infrastructure is protected using industry recognized commercial security products, including current encryption technology, and best practice procedures for maintenance of the website.  In addition, our infrastructure is monitored 24 hours a day, seven days a week.

 

No method of transmission over the Internet or storage of data on an Internet server is 100% secure.  Although we use commercially acceptable and reasonable precautions to protect your information, we do not guarantee its absolute security.

 

YOUR ACCEPTANCE OF THIS PRIVACY POLICY

You are deemed to have assented to the terms and conditions contained in this Privacy Policy when you use the Site and/or when you have indicated in your online registration that you accept the Terms of Use into which this Privacy Policy is incorporated.  You are deemed to have read and accepted this Privacy Policy each time you access the Site and/or the Galileo Website after initial registration by using your login credentials.  If you do not agree to the terms of this Privacy Policy, please do not use the Site.  The terms and conditions contained in this Privacy Policy are subject to and may be superseded by applicable Federal and State laws.

 

RELATIONSHIP TO THE TERMS OF USE

This Privacy Policy, and your and our performance in connection herewith, is further governed by and subject to the Terms of Use for the Site, including but not limited to the disclaimer, limitation of liability, governing law, jurisdiction, and venue provisions set forth therein.

 

CHANGES IN OUR PRIVACY POLICY

We use Personal Information and Non-Personal Information collected from you pursuant to the Site only within the scope of use described in this Privacy Policy.  However, we reserve the right, from time to time in our sole and absolute discretion, to change, to modify, or to add terms or remove terms from this Privacy Policy.  Changes to this Privacy Policy will be reflected when we post a new version number and updated revision date.  The version number includes a major number, a decimal point, and a minor number.  A change to the major number reflects a significant change to the policy, while a change to the minor number reflects a less significant change to the policy.  Examples of significant changes include additional provisions that reflect new Site functionality, significant modifications to existing provisions, and more significant changes to Site functionality that cause provisions to be modified,  added, or removed.  Examples of less significant changes include additional provisions that clarify current Site functionality, minor modifications to existing provisions, and less significant changes to Site functionality that cause provisions to be modified, added, or removed.  

 

We will provide an advance notice of a major change prior to your access of any portion of the Site for which registration is required.  For example, we may (i) require that you reaccept the updated version of the web policies, (ii) send an electronic notification advising of the update to the web policies, (iii) include a notice on the Site viewable without login advising of the update to the web policies, and/or (iv) advise of the updated web policies during a phone call.  We do not ordinarily provide advance notice of a minor change.

 

We recommend that you check the version number and revision date prior to using the Site, and that you review this Privacy Policy on a frequent basis.  Your continued use of the Site and/or utilization of any Site benefits after this Privacy Policy has been updated (and after advance notice for a major change) indicates your agreement and acceptance of the updated version of the Privacy Policy.

 

POLICY COMMENTS AND ASSISTANCE

We welcome your questions and comments on this Privacy Policy and the Terms of Use.  If you have general comments regarding these policies, please e-mail us at distribution.communications@curascript.com.  Specific questions regarding the enforcement of these policies should be directed to privacy@express-scripts.com.  For technical assistance with the Site, please contact our technical support by calling 877-599-7748.