LEGAL · PRIVACY
Privacy Policy
Last updated: July 5, 2026
1. The short version
- We never sell your data. Ever.
- We don't need your name or insurance to show prices.
- Account-only data (saved drugs, alerts) lives encrypted in the U.S.
- Optional analytics are privacy-first (no cross-site tracking).
2. What we collect
Anonymous searches — drug name, ZIP code (optional), so we can return relevant prices. Stored aggregated only.
Account data — email, password hash, saved drugs, price alert preferences. Used only to operate the service.
Server logs — IP, user agent, timestamps. Retained 30 days for security.
3. What we do NOT collect
- Your name (unless you give it to us).
- Your insurance information.
- Your medical history or prescription records from pharmacies.
- Cross-site tracking cookies.
4. How we share data
Only with infrastructure subprocessors needed to run the service (hosting, email delivery). We never sell or rent personal data to advertisers, data brokers, or pharmaceutical companies.
5. Your rights (CCPA / GDPR / POPIA)
You can request a copy, correction, or deletion of your data anytime by emailing privacy@betterbuyrx.com. We respond within 30 days (GDPR/POPIA) or 45 days (CCPA/CPRA), whichever deadline applies to your jurisdiction.
California (CCPA/CPRA): right to know, delete, correct, opt out of sale/sharing (we don't sell, but we honor the request formally), limit sensitive PI use, portability, and non-discrimination. See our Do Not Sell or Share My Data page for the one-click flow.
EU/UK (GDPR/UK GDPR): right of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21), and to lodge a complaint with your national data protection authority (Art. 77). Legal basis for processing account data is contract (Art. 6(1)(b)); for anonymous searches it is legitimate interest (Art. 6(1)(f)).
South Africa (POPIA): right to access, correct, delete, and object to processing. Complaints can be lodged with the Information Regulator (South Africa).
We honor the Global Privacy Control (GPC) browser signal as a binding opt-out under CPRA §1798.135(b)(1).
6. Subprocessors
We use the following infrastructure subprocessors to run the service. Data is stored in the United States unless noted. We have data processing agreements in place where required.
- Supabase — Postgres database + authentication + storage + edge functions. Region: US-East. Purpose: account data, saved drugs, price alerts, contact form submissions.
- Cloudflare — CDN, DDoS protection, Workers runtime for the BetterBuyRx website. Purpose: serving the site + SSR.
- Lovable AI Gateway — gateway that proxies our AI assistant requests to Google's Gemini models. Purpose: chat + prescription photo OCR. Content is transient and not retained by Lovable for training.
- Jina Reader — fetches public pharmacy pages as clean markdown so our extractor can read prices. No personal data is sent — only the pharmacy URL.
- Stripe — payment processing for optional donations. We never see or store card numbers.
We give registered users at least 30 days' notice before adding a new subprocessor that will process their personal data, and we accept objections at privacy@betterbuyrx.com. If you object we will work in good faith to find an alternative; if none is available we may need to terminate the affected service.
7. International data transfers
Personal data may be transferred to the United States (where our subprocessors operate). For visitors in the EU/UK, we rely on the EU-U.S. Data Privacy Framework (where the subprocessor is certified) and the Standard Contractual Clauses approved by the European Commission (Decision 2021/914) as the transfer mechanism.
8. Retention
- Account data: kept for the life of your account. Deletion is permanent.
- Server logs: 30 days.
- Contact form submissions: 90 days, then hard-deleted.
- Anonymized search analytics: indefinite (aggregated, not tied to you).
9. Security
Data is encrypted in transit (TLS 1.2+) and at rest in Supabase Postgres. We use row-level security policies to isolate user data. We do not have access to your password (only a bcrypt hash). Access to production is limited to authenticated maintainers.
10. Data breach notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users without undue delay and supervisory authorities within 72 hours where required (GDPR Art. 33/34, CPRA §1798.82).
11. Children
BetterBuyRx is not directed at children under 13. We do not knowingly collect their data.
12. Changes
If we materially change this policy, we'll email registered users 30 days before the change takes effect.
