VITLrx Privacy Policy

Effective Date: May 8, 2025

Welcome to VITL! VITLrx, Inc. (“Vital” “we” “us” or “our”) provides a platform connecting clinics, pharmacies, and other health care providers (“Providers”) and their patients (“Patients”) to enable the fulfillment of e-prescriptions, pharmacy management, and virtual care services (the “Services”). Patients and Providers may be referred to as “you” or “your” in this Privacy Policy.

Scope of this Privacy Policy

This Privacy Policy is not a binding contract. Rather, it describes the type of personal data VITLrx collects and how it collects, uses, shares, and protects that personal data. “Personal Data” may mean and include Personal Information, Sensitive Personal Information, and Protected Health Information (“PHI”), each as defined and identified below, and may be collected through our websites at https://www.vitlrx.com/ and www.patients.vitlrx.com (collectively, the “Site”), our mobile applications (“Apps”), and from Patients and Providers who register as End Users to receive Services.

If you desire to receive our Services, you must register as an “End User” and enter into our End User License Agreement (“EULA”). When you register as an End User, and create an “End User Account” you will be asked to provide certain Personal Information such as your name, email address, username, mailing address, and phone number, and to create a user login and password. As an End User, you may also disclose your own or a Patient’s PHI, as covered by the Health Insurance Portability and Privacy Act (“HIPAA”).

Providers maintain and provide their Patients with their own privacy notices pursuant to HIPAA. To the extent we receive PHI directly from a provider, we will have entered into separate agreements with that Provider as required by HIPAA and other applicable laws. To the extent you are a Patient End User, the EULA will contain the terms governing consents, rights, and benefits related to your Personal Data and PHI.

Types of Personal Data Collected:

We may collect the following types of Personal Data with your knowledge and consent:

  1. Personal Information (Contact): Name, email address, screen name, mailing address, and phone number.
  2. Unique Identifiers: Driver’s license number of identification card number, NPI number, professional license number (NP, MD, etc.), and DEA (Drug Enforcement Administration) number, profile picture or other photographs.
  3. Sensitive Personal information: Ethnicity, gender, marital status, and date of birth.
  4. PHI: Past, present or future physical or mental health conditions and current health status, including allergies, weight, height, medication history, surgical history, social history, exercise, activity, sleep, diet, and payment for the provision of health care.
  5. Financial Account Information: Credit card or debit card number, and bank account numbers and routing numbers.
  6. Geolocation information (zip code, street address).
  7. Contents of email, chat rooms, bulletin board postings, and texts.
How We Collect Personal Data With Your Consent

You may voluntarily provide your personal data to us, with your full knowledge and consent, under any of the following methods:

  • When you submit registration forms to activate your End User Account;
  • When you order Services through our Site or Apps;
  • When you communicate with us through emails or texts (IM and SMS); and
  • When you call our telephone support number.
How We Use Personal Data

We use Personal Data through our platform to connect clinics, pharmacies, and End Users to us and to each other and to provide our Services to all of our End User including to:

  • Communicate with Providers and Patients;
  • Facilitate communications and services between Provider and Patient End Users, including enabling Providers to conduct clinical evaluations and enabling Patients to chat with their Providers;
  • Gather geolocation data to identify a user’s locale to enhance our ability to provide Services and to enable Patient/Provider contact;
  • Enable prescribers to browse pharmacy offerings and write prescriptions for their Patients;
  • Enable End Users to pay for Services they purchase;
  • Enable Patients to pay for their medical programming and view Provider instructions;
  • Administer our business, provide, update and improve Services, and develop new Services;
  • Anonymize data for further internal and external use in a manner that does not identify you;
  • Enhance security and prevent fraud or illegal activity;
  • Perform our contractual duties and obligations under separate contracts with our End Users;
  • Ensure compliance with legal obligations under HIPAA, documentation of controlled substances for the DEA, and credentialling a physician to use our platform;
  • Provide user support and customer service; and
  • Perform market research and analytics.
Contracts with Third Parties

We use third party services to process payments and to support our network and operating systems. Your Personal Data may be disclosed to payment processors (e.g., PandaDoc or Stripe) and to credit card processors and banks, but only to the extent necessary to complete your transaction or to support our business and our users. Our contracts with third parties, service providers, and contractors include terms that specify the purposes for which the Personal Data is collected and ensure that these parties provide comparable levels of privacy protection. These contracts stipulate that:

  • Personal Data may only be processed for specified purposes.
  • The third party must maintain the confidentiality and security of the Personal Data.
  • The third party must notify us if they can no longer meet these standards.
  • Personal Data will not be further disclosed except as required by law.
Restrictions on Use of Personal Data
  • We do not sell your Personal Data to third parties.
  • Users may not import personal address books, contacts, or other information to our Site unless specifically required for use of our Site or to use or order Services.
  • Personal Data is not made publicly available to any other users or third parties.
  • We do not advertise on our Site.
Collection of Automated Data
Automated data means data that is collected through electronic/automated technologies such as cookies, web beacons (also known as pixels) and log files, our Site, third party websites, or other online services. Automated data may include your IP address, pages of our Site that you visit, the time and date of your visit, time spent on certain pages, and other statistics. “Cookies” are small files that a website stores on a user’s computer or device. Some of the cookies we use are “session” cookies, meaning that they are automatically deleted from your hard drive after you close your browser at the end of your session. Session cookies are used to optimize performance such as maintaining your logged in status, remembering the contact information you enter, optimizing your experience, and limiting redundant data. We also may use “persistent” cookies, which remain on your computer or device unless deleted by you (or by your browser settings). We may use persistent cookies for various purposes, such as statistical analysis of performance to ensure the ongoing quality of our Services. Most web browsers automatically accept cookies, but you may set your browser to block certain cookies (see below). As required under applicable laws, we will obtain your consent necessary for utilizing cookies or similar tracking technologies. You may opt-in or opt-out of the placement of optional technology going forwards, at any time, via our Cookie Preferences using this link: [cookie link] Our Site may use Google Analytics. You can learn more about Google Analytics’ privacy policy and ways to opt out from Google Analytics tracking by visiting Google Analytics’ website.
Retention Periods
We retain Personal Data for as long as necessary for the purposes outlined in this Privacy Policy. Personal Data will be retained for the duration of your End User relationship with us and to enable us to provide the Services to you. Thereafter, we may retain Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may also retain such Personal Data for archival purposes. Unique identifiers are retained by third party processors for as long as necessary to complete transactions and comply with laws applicable to them. Once Personal Data has been aggregated, de-identified, or anonymized, it is no longer deemed Personal Data and may be retained for a longer period as permitted by law.
Communications Consent and Practices
By utilizing our Services or providing your Personal Data, you acknowledge and consent to the terms of this Privacy Policy. You agree not to provide us with any information of any kind about any other person unless you have that person’s consent or other legal authority.

Telephone Communications

Your telephone communications with may be recorded or monitored for quality control purposes. By communicating with us in this manner, you expressly consent to the recording for such purposes.
Contact Information and Communication
By providing us with your contact information, such as email or telephone number, you agree to be contacted by us at the email or telephone number you provided.
Opt-Out Options – Email
You may opt-out of emails by using the “reply” and ‘unsubscribe” options in the emails.

SMS Terms & Conditions

We do not share your phone number or SMS consent with third parties for their marketing purposes. If you have provided consent to receive text messages from us, you may receive messages related to Services you have ordered, our Site, and other relevant communications. Message frequency may vary based on the type of communication. Standard message and data rates may apply, depending on the carrier’s pricing plan, including potential variations for domestic or international messages.
Opt-In Options SMS
You may opt-in to receive SMS messages from us through the following methods: verbally, online, by submitting an online form, or in writing, by filling out a paper form. You can opt out of receiving text messages at any time.
Collection and Use of Contact Information
When you opt into our text messaging service, we collect your mobile phone number and any other information you provide during the sign-up process. We may also collect data regarding your interaction with our messages, such as confirmation of receipt. This information is used solely for the purpose of sending you the text messages you have consented to receive. The information collected may be used to send you text messages according to your preferences and behaviors. We do not share your mobile phone number or SMS consent with third parties for their own use or marketing purposes under any circumstances.
Opt-Out Options – SMS
You may opt out of receiving text messages at any time by replying with the word “STOP” to any message you receive from us. Upon receiving your opt-out request, we will promptly discontinue sending you text messages. You may also choose to have your name removed from our registration list or cease marketing communications by using the opt-out option in any marketing emails or contacting us using the information provided at the bottom of this Privacy Policy. We will respond to your request in the timeline required by law.
We Do Not Sell Your SMS Data
We do not sell any Personal Information collected through our SMS services, including phone numbers and SMS consents. This Personal Information is used solely for the purposes you consented to when providing it.
Changes to Our Communications Practices
If we make changes to our communications practices, we will update this Privacy Policy and notify you as required by law or our contractual obligations.
Right to Access and Update your Personal Data
You will always have access to the Personal Data you have provided to us. You may access, update, and correct any Personal Data through your End User Account profile page or by contacting us at the “Contact Us” section below and requesting a correction form or requesting that we make the correction or update. Please note that if you exercise your right to remove certain necessary Personal Data from your End User Account profile, or otherwise decline providing certain Personal Data to us, that may impact your ability to order and use certain Services and certain functions on our Site.
Security
To help prevent unauthorized access to your Personal Data we have put in place reasonable security measures, including physical, electronic and managerial procedures to safeguard and secure your Personal Data. Only certain individuals at our company are given access to user Personal Data. We maintain an access log which includes time of access, user details, and the type of data accessed. We do not give third parties outside of our company access to Personal Data without your express consent (e.g., payment processing when purchasing services or to receive support services). To protect the privacy of the Personal Data you transmit through the Service, we use technology that is designed to encrypt the Personal Data before it is transmitted to us using Secure Sockets Layer (SSL) technology or similar encryption technology. However, our Services are run on software, hardware, and networks, any component of which may, from time to time, require maintenance or experience problems or breaches of security beyond our control. Due to the open communication nature of the Internet, we cannot guarantee that communications between us will be free from unauthorized access by third parties. In addition, individuals with access to your computer, phone, or other mobile or other devices may be able to access the Services and your Personal Data, including you PHI that is contained in or transmitted through the Services. It is your responsibility to affirmatively logout from your End User Account when you are not actively using it. It is also your responsibility to secure and prevent unauthorized physical access to your computer, phone and other devices, and to protect the confidentiality of your username, login, and password by implementing security standards on your devices and servers to protect your Personal Data from unauthorized access. If you believe that your Personal Data has been compromised, or if you become aware of a potential security vulnerability in our Services, please contact us as indicated below in the “Contact Us” section.
U.S. Servers
Our servers are hosted in the United States and intended only for users in the United States. We do not knowingly or intentionally transmit data to servers outside of the United States.
Guidelines for Children
We do not specifically collect any information from children, nor do we market our Site or our Services to children. We have no reason to believe that the Site will attract children, or that children will access the Site or provide Personal Information.
U.S. State-Specific Data Privacy Rights
Certain states have additional privacy laws and restrictions that apply to companies doing business in those states if those companies meet certain size, contact, and revenue thresholds. We are not subject to any individual state’s privacy laws.
Policy Updates
This Privacy Policy may change from time to time. This Privacy Policy is in effect as of the Effective Date shown above. If we change this Privacy Policy, we will post the revised version and change the Effective Date to reflect the date on which the new version of our Privacy Policy will apply. If you object to any changes, you must cease using the Site and Services immediately. We encourage you to check our Site regularly for the most up-to-date version of this Privacy Policy.

Contact Us

Email: support@vitlrx.com Telephone Number: 903-884-8579
M

Home

About

Solutions

Contact

Log In

Sign Up

Schedule a Demo