Transform your health journey — Take the Quiz →
Scripts Rx Direct

Privacy Policy

Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

Last Updated: March 24, 2026

1. Introduction

ScriptsRx Direct, operated by Breakthrough Health LLC ("Company," "we," "us," or "our"), is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our website, applications, and services (collectively, the "Services").

This Privacy Policy applies to all users of the Services, including patients, visitors, and prospective patients. For information specifically related to the use and disclosure of your Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA), please also review our HIPAA Notice of Privacy Practices.

2. Information We Collect

2.1 Personal Information You Provide

We collect information you voluntarily provide, including:

  • Identity Information: Full name, date of birth, gender, government-issued identification
  • Contact Information: Email address, phone number, mailing address, shipping address
  • Medical Information: Medical history, current medications, allergies, health conditions, symptoms, treatment goals, laboratory results, and other health-related information provided during intake and consultations
  • Payment Information: Credit card numbers, billing address, and other payment details (processed securely through PCI-compliant payment processors)
  • Account Information: Username, password, and account preferences
  • Communication Records: Messages, emails, and other communications with our team or healthcare providers

2.2 Information Collected Automatically

When you access the Services, we automatically collect:

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent, click patterns, referring URLs
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to enhance your experience and collect usage data
  • Location Data: General geographic location based on IP address (used to verify state of residence for telehealth compliance)

2.3 Information from Third Parties

We may receive information from:

  • Healthcare providers who conduct your medical consultations
  • Pharmacy partners who fulfill your prescriptions
  • Payment processors who handle your transactions
  • Analytics providers who help us understand site usage

3. How We Use Your Information

We use collected information for the following purposes:

  • Service Delivery: To facilitate telehealth consultations, process orders, fulfill prescriptions, and provide customer support
  • Medical Care Coordination: To share relevant medical information with your treating healthcare provider and pharmacy for treatment purposes
  • Payment Processing: To process payments, prevent fraud, and manage billing
  • Communication: To send order confirmations, shipping updates, appointment reminders, and respond to inquiries
  • Compliance: To comply with legal obligations, including state and federal healthcare regulations, pharmacy laws, and telehealth requirements
  • Improvement: To analyze usage patterns, improve our Services, and develop new features
  • Safety: To detect, prevent, and address fraud, security issues, and technical problems
  • Marketing: To send promotional communications (with your consent and opt-out options)

4. How We Share Your Information

4.1 Healthcare Providers

We share your medical and personal information with licensed healthcare providers who conduct your medical evaluations and make prescribing decisions. This sharing is necessary for treatment purposes and is permitted under HIPAA.

4.2 Pharmacy Partners

We share prescription and shipping information with our licensed 503A compounding pharmacy partners for prescription fulfillment. This sharing is necessary for treatment and healthcare operations.

4.3 Service Providers

We share information with trusted third-party service providers who assist in operating our Services, including:

  • Payment processors (PCI-compliant)
  • Cloud hosting and data storage providers (HIPAA-compliant)
  • Customer support platforms
  • Email and communication services
  • Analytics providers

All service providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed. Where applicable, Business Associate Agreements (BAAs) are in place as required by HIPAA.

4.4 Administrative and Technical Support

Your information may be accessed by administrative staff and technical support personnel affiliated with or having access to our healthcare technology platform (Gen-Health) for the purpose of supporting your care, managing your account, and ensuring system functionality.

4.5 Legal Requirements

We may disclose your information when required by law, including:

  • In response to valid legal process (subpoenas, court orders)
  • To comply with state and federal reporting requirements
  • To protect the rights, property, or safety of ScriptsRx Direct, our users, or others
  • In connection with an investigation of fraud, intellectual property infringement, or other illegal activity

4.6 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change in ownership or control of your personal information.

5. Data Security

We implement appropriate technical, administrative, and physical safeguards to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls and authentication requirements
  • Regular security assessments and monitoring
  • Employee training on data privacy and security
  • HIPAA-compliant hosting and infrastructure

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Medical records are retained in accordance with applicable state and federal medical record retention requirements, which typically require retention for a minimum of 6-10 years depending on the state.

7. Your Rights and Choices

7.1 Access and Correction

You have the right to access your personal information and request corrections to inaccurate data. You may update your account information at any time through the patient portal or by contacting us.

7.2 Opt-Out of Marketing

You may opt out of receiving marketing communications by clicking the "unsubscribe" link in any marketing email or by contacting us directly. Please note that opting out of marketing communications does not affect transactional communications related to your orders or medical care.

7.3 Cookie Preferences

Most web browsers allow you to control cookies through their settings. You may disable cookies, but this may affect the functionality of the Services.

7.4 Do Not Track

Some browsers offer a "Do Not Track" feature. We currently do not respond to Do Not Track signals, but we honor opt-out preferences as described in this policy.

7.5 State-Specific Rights

Depending on your state of residence, you may have additional rights under state privacy laws (such as the California Consumer Privacy Act, Virginia Consumer Data Protection Act, or similar state laws). These may include the right to know what personal information we collect, the right to delete your information, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise any state-specific rights, please contact us using the information below.

8. Children's Privacy

The Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

9. Third-Party Links

The Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Your continued use of the Services after any changes constitutes your acceptance of the updated Privacy Policy.

11. Contact Us

For questions about this Privacy Policy or to exercise your privacy rights, please contact us at:

ScriptsRx Direct (operated by Breakthrough Health LLC)
6051 Mid Rivers Mall Drive
Cottleville, MO 63304
Email: [email protected]