Last updated: April 28, 2025
This Privacy Policy for California Residents supplements the information contained in SiteRx’s Privacy Policy and applies solely to all visitors, users, job applicants, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act, and their implementing regulations (collectively referred to as “CCPA”) and any terms defined in the CCPA have the same meaning when used in this Policy. For purposes of this Privacy Policy for California Residents, the term “personal information” does not include: (a) information subject to HIPAA or the California Confidentiality of Medical Information Act; (b) deidentified or aggregated consumer information; or (c) publicly available information that (i) has been lawfully made available from government records; (ii) we have a reasonable basis to believe has lawfully been made available to the general public by you or from widely distributed media; or (iii) has been made available by a person to whom you disclosed the information unless you restricted such information to a specific audience.
I. Notice at Collection
This Notice at Collection (“Notice”) is to inform you that SiteRx is collecting information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”).
Information about the categories of personal information from consumers we have collected within the last twelve (12) months, including the business purposes for which we collect the information, is set forth in the tables below. Of note, SiteRx does not share or sell personal information or sensitive personal information.
Category |
Business Purpose |
Identifiers, such as name and contact information |
Performing services, certain short-term uses, security, marketing or advertising |
California Customer Records personal information, such as name and contact information |
Performing services, certain short-term uses, security |
Protected classification characteristics under California or federal law, such as age, medical condition, and race |
Performing services, certain short-term uses, security |
Professional or employment-related information, if you apply for a job at SiteRx. |
Performing services, certain short-term uses, security, to administer the employment relationship |
Non-public education information, if you apply for a job at SiteRx. |
Performing services, certain short-term uses, security, to administer the employment relationship |
Internet or other similar network activity, such as your browsing history and interactions with our website. |
Performing services, certain short-term uses, security, auditing interactions with our website, debugging, quality and safety maintenance and verification |
Inferences drawn from other personal information. |
Performing services, certain short-term uses |
Sensitive Personal Information Category |
Business Purpose |
Government identifiers (social security, driver's license, state identification card, or passport number) |
Performing services, certain short term uses |
Complete account access credentials (user names, account numbers, or card numbers combined with required access/security code or password) |
Performing services, certain short-term uses, security, auditing interactions with our website, debugging, quality and safety maintenance and verification |
Racial or ethnic origin |
Performing services, certain short term uses |
Genetic data |
Performing services, certain short term uses |
Health, sex life, or sexual orientation information |
Performing services, certain short term uses |
We obtain the categories of personal information listed above from the following categories of sources:
We may use the personal information we collect for one or more of the following purposes:
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
We do not sell personal information or sensitive personal information.
We may disclose your personal information to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, we have disclosed personal information for a business purpose to the categories of third parties indicated in the chart below.
Personal Information Category |
Business Purpose Disclosures |
Categories of Third Party Recipients |
Identifiers. |
|
|
California Customer Records personal information categories. |
|
|
Protected classification characteristics under California or federal law. |
|
|
Internet or other similar network activity. |
|
|
Professional or employment-related information. |
|
|
Non-public education information. |
|
|
Inferences drawn from other personal information. |
|
|
Sensitive Personal Information Category |
Business Purpose Disclosures |
Categories of Third Party Recipients |
Government identifiers (social security, driver's license, state identification card, or passport number) |
|
None |
Complete account access credentials (user names, account numbers, or card numbers combined with required access/security code or password) |
|
|
Racial or ethnic origin |
|
|
Genetic data |
|
|
Mail, email, or text messages contents not directed to us |
|
None |
Health, sex life, or sexual orientation information |
|
|
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know, Delete, or Correct), we will disclose to you:
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know, Delete, or Correct), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
You have the right to correct inaccurate personal information we maintain about you. We will use commercially reasonable efforts to correct such inaccurate personal information. Once we receive a correction request and confirm your identity (see Exercising Your Rights to Know, Delete, or Correct), we will review the contested information’s accuracy, considering the totality of the circumstances, and determine if it is more likely than not that the personal information we maintain is inaccurate. We will review and consider any documentation you provide to support your correction request and encourage you to make a good faith effort to provide us with all necessary information during the request submission process. If we determine it is more likely than not that the personal information is inaccurate, we will correct such information on our systems and instruct all service providers and contractors to whom such personal information was disclosed to make the necessary corrections in their respective systems.
Alternatively, we may delete the contested personal information instead of correcting it when either:
We may deny your correction request if:
To exercise your rights to know, delete, or correct described above, please submit a request by e-mailing us at privacy@siterx.com.
Only you, or someone legally authorized to act on your behalf, may make a request to know, delete, or correct related to your personal information.
You may only submit a request to know twice within a 12-month period. Your request to know, delete, or correct must:
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
You do not need to create an account with us to submit a request to know, delete, or correct.
We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.
We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact privacy@siterx.com.
We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
SiteRx only uses and discloses your sensitive personal information for statutorily-permitted purposes. Therefore, SiteRx does not offer you the ability to request that we limit our uses and disclosures of your sensitive personal information.
As aforementioned, SiteRx does not sell personal information or “share” such information as “sharing” is defined under the CCPA. Therefore, we do not offer a process for opting out of such selling/sharing.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@siterx.com or write us at: siterx.com/contact.
We reserve the right to amend this notice at our discretion and at any time. When we make changes to this notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our services following the posting of changes constitutes your acceptance of such changes.
If you have any questions or comments about this notice, the ways in which SiteRx collects and uses your information described here and in the Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Website: siterx.com
Email: privacy@siterx.com
Postal Address: SiteRx, Inc.
Attn: Privacy Office
101 Sixth Avenue, Floor 10, New York, NY 10013
If you need to access this Policy in an alternative format due to having a disability, please contact us via any of the methods provided.