Privacy Policy

Last updated: May 8, 2026

1. Who we are

RX Library is a digital telehealth platform operated by Proven Theory LLC (“we,” “us,” “RX Library”). We connect patients with independent licensed clinicians who provide telehealth consultations and, when clinically appropriate, prescribe medications dispensed by partner pharmacies.

2. Information we collect

We collect the following categories of information:

  • Account info: name, email, phone, date of birth, address.
  • Health info (PHI): medical history, current medications, allergies, biometrics, and intake questionnaire responses.
  • Identity verification: a government-issued ID image processed through Stripe Identity.
  • Payment info: last four digits of card and Stripe customer ID. Full card numbers are handled by Stripe and never stored on our servers.
  • Usage data: pages visited, device type, IP address (for security and abuse prevention).

3. How we use your information

We use your information to: (a) match you with a licensed clinician, (b) facilitate the consultation, (c) transmit prescriptions to a partner pharmacy on your behalf, (d) process payment, (e) communicate about your treatment, and (f) comply with legal obligations.

4. Who we share information with

We share your protected health information (PHI) only as necessary:

  • The independent licensed clinician evaluating your case (via our provider network partner, MD Integrations).
  • Partner pharmacies that dispense your prescription.
  • Service providers under HIPAA Business Associate Agreements (Medplum, AWS, Stripe, SendGrid, Twilio).
  • Legal/regulatory bodies when required by law.

We do not sell your information. We do not share PHI for advertising.

5. HIPAA

RX Library follows the HIPAA Privacy and Security Rules. Your PHI is encrypted at rest (AWS KMS) and in transit (TLS 1.3). We maintain audit logs of every access to PHI. You have the right to request a copy of your records, request corrections, and request deletion (subject to legal retention requirements).

6. Your choices and rights

You may access, correct, or delete your information by signing in and visiting your profile, or by emailing us at privacy@pharmacytime.com. California residents have additional rights under the CCPA; EEA/UK residents have rights under the GDPR.

7. Cookies and tracking

We use cookies essential to the operation of the service (authentication, CSRF protection). We do not use third-party advertising cookies. Analytics, when used, are first-party and aggregated.

8. Data retention

Medical records are retained for the period required by state law (typically 7 years for adults, longer for minors). Account info is retained as long as your account is active. You may request deletion subject to retention requirements.

9. Children

RX Library is not intended for individuals under 18. We do not knowingly collect information from children.

10. Changes to this policy

We will notify you of material changes by email and/or by an in-app notice. Continued use after an update constitutes acceptance.

11. Contact

Questions about this policy or your information:
Proven Theory LLC
privacy@pharmacytime.com