Data Protection

26 Sep

Data Controller and Contact Information

January Jones Rx Savings ("we", "us", "our") is the data controller for personal information processed via january-jones.net.

Owner: Ken Davis

Postal Address: 1700 Coliseum Dr, Hampton, VA 23666, United States

Email: [email protected]

Scope and Applicability

This notice describes how we collect, use, disclose, and protect personal information in connection with january-jones.net and related services that help users compare prices from verified, licensed pharmacies, review generic versus brand medications, and access disease guides and drug information. It applies to visitors located in the United States and, where applicable, to individuals in the European Economic Area (EEA), the United Kingdom (UK), and Switzerland under the General Data Protection Regulation (GDPR) and similar laws.

Categories of Personal Information We Collect

Identifiers: name, email address, IP address, device identifiers, and similar IDs.
Contact Details: email, postal address (if you provide it), and similar information.
Account and Preference Data: saved settings, comparison preferences, alerts, and communications preferences (if such features are offered).
Usage Data: pages visited, links clicked, time stamps, referral URLs, and technical diagnostics.
Cookie and Tracking Data: cookies, web beacons, local storage, and similar technologies.
Inquiry Content: information you include in messages or forms, which may incidentally include health-related queries (e.g., medication names or conditions) that you choose to share.

We do not intentionally collect sensitive personal information (e.g., precise geolocation, government ID, financial account numbers). Any health-related details you voluntarily submit are processed only to respond to your inquiry or provide requested features and are not used to determine eligibility for services.

Purposes and Legal Bases for Processing

Purposes of Use

Service Delivery: to operate the website, provide comparison tools, present dosage and interaction information, and personalize content.
Communications: to respond to inquiries, provide customer support, and send service-related messages.
Analytics and Improvement: to analyze usage, troubleshoot, research, and improve features and performance.
Security and Fraud Prevention: to protect the site, detect and prevent abuse, and ensure integrity.
Legal Compliance: to comply with legal obligations and respond to lawful requests.

GDPR Legal Bases (where applicable)

Consent: for non-essential cookies, certain analytics, and optional communications.
Contract or Pre-Contractual Steps: where processing is necessary to provide requested services or respond to your requests.
Legitimate Interests: to secure, maintain, and optimize our services, balanced against your rights and expectations.
Legal Obligation: to meet recordkeeping and regulatory requirements.

Sources of Personal Information

Directly from You: when you contact us or use site features.
Automatically: via cookies and similar technologies when you browse our site.
Service Providers: aggregated or pseudonymized analytics provided by vendors.

Disclosures to Third Parties

We disclose personal information only as described below and do not sell personal information.

Service Providers/Processors: hosting, security, analytics, communications, and IT support providers under contract and subject to confidentiality obligations.
Legal and Compliance: governmental or regulatory authorities when required by law or to protect rights, safety, and property.
Business Transfers: in connection with a merger, acquisition, or asset transfer, subject to continued protections consistent with this notice.

We do not disclose personal information to data brokers. We do not make decisions that produce legal or similarly significant effects solely based on automated processing.

Cookies and Similar Technologies

We use cookies and similar technologies to operate the site, remember preferences, and measure performance. Non-essential cookies are used with your consent where required by law.

Strictly Necessary Cookies: required for core functionality.
Performance/Analytics Cookies: help us understand usage and improve the site.
Preference Cookies: remember your settings.

You may control cookies via your browser settings and, where applicable, through on-site consent tools. Your browser may offer a Do Not Track (DNT) signal; our site does not currently respond to DNT. State-level opt-out signals will be honored where legally required.

International Data Transfers

If you access the site from outside the United States, your information may be processed in the U.S. and other jurisdictions that may not provide the same level of data protection as your home country. Where GDPR applies, we rely on appropriate safeguards such as standard contractual clauses or official adequacy mechanisms, as applicable, and implement additional technical and organizational measures to protect your information.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this notice, to comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type and context; we regularly review and de-identify or delete data when it is no longer needed.

Security

We implement administrative, technical, and physical safeguards designed to protect personal information, including access controls, encryption in transit where appropriate, and secure hosting. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Your Privacy Rights

Rights Under GDPR (EEA/UK/Switzerland)

Access: obtain confirmation and a copy of your personal data.
Rectification: correct inaccurate or incomplete data.
Erasure: request deletion in certain circumstances.
Restriction: limit processing in certain cases.
Objection: object to processing based on legitimate interests and to direct marketing.
Portability: receive data in a structured, commonly used, machine-readable format and transmit it to another controller.
Withdraw Consent: where processing is based on consent, you may withdraw it at any time without affecting prior lawful processing.
Complaint: you may lodge a complaint with a supervisory authority in your habitual residence or place of work.

Rights Under U.S. State Laws (e.g., CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA)

Know/Access: request details about categories and specific pieces of personal information we collected, used, or disclosed.
Correction: request correction of inaccurate personal information.
Deletion: request deletion of personal information, subject to exceptions.
Opt-Out: opt out of the sale or sharing of personal information, targeted advertising, and certain profiling. We do not sell personal information; if practices change, you may opt out at any time.
Limit Use of Sensitive Information: request limits on sensitive personal information where applicable; we do not use sensitive data for inferring characteristics.
Non-Discrimination: you will not receive discriminatory treatment for exercising your rights.
Appeal: if we deny your request, you may submit an appeal; we will explain our decision and how to escalate your appeal.

How to Exercise Your Rights

To exercise any rights, submit a request to [email protected]. Please include your name, the right you wish to exercise, and sufficient details to locate your data. We may need to verify your identity to protect your information, which can include matching information you provide with records we maintain.

Response Times: Where applicable, we will respond within 30 days under GDPR (extendable where permitted) and within 45 days under U.S. state laws (with possible extension as allowed by law). Authorized agents may submit requests on a consumer’s behalf where permitted, subject to verification and proof of authorization.

Children’s Privacy

Our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. Where GDPR applies, we do not knowingly collect data from children under 16 without appropriate consent. If you believe a child has provided us personal information, contact us to request deletion.

Health-Related Information

We provide tools and information to compare prescription medications and review generic alternatives. We are not a healthcare provider or a covered entity under HIPAA, and this site is not intended to store protected health information as defined by HIPAA. Do not submit detailed medical histories. If you share health-related details in a message or form, we will use them only to respond to your inquiry or provide requested features.

Automated Decision-Making and Profiling

We do not engage in automated decision-making that produces legal or similarly significant effects on individuals, and we do not conduct profiling in furtherance of such decisions.

Do Not Sell or Share My Personal Information

We do not sell personal information. If you wish to exercise a sale/share/targeted advertising opt-out under applicable U.S. laws, contact us at [email protected]. We will honor opt-out preference signals where legally required.

Third-Party Websites and Services

Our site may reference or compare offerings from licensed pharmacies and other third parties. Your interactions with third-party sites are governed by their policies. We encourage you to review their privacy practices before providing personal information.

Changes to This Notice

We may update this notice from time to time to reflect changes in our practices or applicable laws. Material changes will be indicated by updating the effective date and, when required, providing additional notice or obtaining consent.