Privacy Policy

Privacy Policy

How DynomedRx collects, uses, stores, and protects your information

Effective Date: Pending Final Review

Last Updated: May 27, 2026

Version: 1.0

Jurisdiction: United States

Website: https://dynomedrx.com

Email: support@dynomedrx.com

Plain-Language Summary

DynomedRx is a pharmacy inventory audit and reconciliation platform built for independent pharmacies. Our service helps pharmacies compare billed prescription claims against purchased inventory, identify potential discrepancies, and prepare for PBM audit risk.

We collect only the information necessary to operate DynomedRx. We do not sell your data. We use your information only to provide, secure, support, and improve the service you subscribed to. Uploaded pharmacy files are used for audit and reconciliation purposes. Uploaded report files and generated reports expire and are deleted after seven (7) days, unless a different retention period is required by law, contract, security, or account administration needs.

If your use of DynomedRx involves Protected Health Information, a Business Associate Agreement may be required before using the service.

1. Introduction and Scope

DynomedRx ("DynomedRx," "we," "us," or "our") is committed to protecting the privacy, confidentiality, and security of information submitted through our website, application, platform, and related services.

This Privacy Policy explains how we collect, use, store, protect, disclose, and retain information when you access or use DynomedRx, including any related websites, software, reports, support services, or subscription services, collectively referred to as the "Service."

This Privacy Policy applies to pharmacies, pharmacy owners, pharmacy operators, employees, contractors, authorized users, and any other individual or entity that accesses or uses the Service.

By using DynomedRx, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Privacy Policy, you should not use the Service.

2. Information We Collect

DynomedRx collects only the information reasonably necessary to provide and support the Service.

2.1 Information You Provide to Us

We may collect the following categories of information:

Account and Registration Information

This may include your name, business name, pharmacy name, email address, phone number, billing address, username, password, and other account-related information.

Pharmacy and Business Information

This may include pharmacy name, store location, contact information, NPI number, DEA number, state license information, wholesaler relationships, and other business identifiers needed to operate the Service.

Uploaded Pharmacy Data

This may include prescription claims files, billed claim data, NDCs, quantities dispensed, dates of service, wholesaler invoice data, purchase records, supplier data, and other pharmacy operational records uploaded for inventory audit, claim reconciliation, discrepancy detection, or related reporting.

Billing and Payment Information

Payment information may be processed by a third-party payment processor. DynomedRx does not intentionally store full credit card numbers on its own servers.

Support and Communication Information

This may include emails, support requests, messages, feedback, troubleshooting details, and other communications you send to us.

2.2 Information Collected Automatically

When you use the Service, we may automatically collect limited technical and usage information, including:

IP address

Browser type and version

Device type

Operating system

Login timestamps

Pages or features accessed

Error logs

System activity logs

Security and authentication events

This information is used to operate, secure, troubleshoot, and improve the Service.

2.3 Information We Do Not Intentionally Collect

DynomedRx is designed to operate with the minimum information necessary. Unless specifically required for the Service and covered by appropriate contractual safeguards, we do not intentionally collect:

Social Security numbers

Personal banking credentials

Biometric identifiers

Government-issued identification numbers unrelated to pharmacy operations

Sensitive personal information unrelated to pharmacy inventory audit or claim reconciliation.

Users are responsible for ensuring that files uploaded to DynomedRx are appropriate for use with the Service and comply with applicable laws, contracts, and pharmacy obligations.

3. How We Use Your Information

DynomedRx uses information only for legitimate business purposes related to operating, securing, supporting, and improving the Service.

3.1 To Provide the Service

We may use information to:

Process uploaded pharmacy and wholesaler files

Compare billed claims against purchased inventory

Generate inventory audit reports

Detect potential claim-to-purchase discrepancies

Identify NDC, RxNorm, quantity, purchase, or billing mismatches

Support PBM audit preparation and internal pharmacy review

Maintain user accounts and subscriptions

Provide access to platform features

Deliver reports and related outputs

3.2 To Communicate With You

We may use your information to:

Send account confirmations

Send subscription and invoice-related communications

Respond to support requests

Provide technical assistance

Notify you of security issues

Send administrative notices

Provide important updates about the Service

Notify you of material changes to this Privacy Policy or our Terms of Service

3.3 To Improve and Secure the Service

We may use information to:

Monitor platform performance

Troubleshoot errors

Improve functionality

Develop new features

Detect unauthorized access

Prevent fraud, abuse, or misuse

Maintain audit logs and security controls

Conduct internal analytics using aggregated or de-identified data where appropriate

3.4 To Comply With Legal Obligations

We may use information to:

Comply with applicable laws and regulations

Respond to valid legal process

Enforce our Terms of Service

Protect the rights, property, and safety of DynomedRx, users, pharmacies, and others

Establish, exercise, or defend legal claims

4. Uploaded Pharmacy Data

Uploaded Pharmacy Data may include sensitive pharmacy operational information, including prescription claim records, NDC data, wholesaler purchase records, invoice files, and related pharmacy business data.

DynomedRx uses Uploaded Pharmacy Data only to provide the Service, including claim-to-purchase reconciliation, inventory audit analysis, discrepancy reporting, and related support.

DynomedRx does not sell Uploaded Pharmacy Data. DynomedRx does not use Uploaded Pharmacy Data for advertising, unrelated marketing, or resale to third parties.

5. Data Retention

DynomedRx retains different categories of information for different periods depending on the purpose of collection, operational needs, legal obligations, and contractual requirements.

5.1 Uploaded Pharmacy Data

Uploaded Pharmacy Data is retained only as long as reasonably necessary to provide the Service, generate reports, support troubleshooting, maintain security, or comply with legal obligations.

DynomedRx may implement automatic deletion periods for uploaded files. Uploaded report files and generated reports currently expire and are deleted after seven (7) days, unless a different period is required by your subscription plan, service configuration, written agreement, law, security, or account administration needs.

Unless otherwise stated in a written agreement, users are responsible for downloading and preserving any reports, exports, or records they need for their own business, legal, audit, or compliance purposes.

5.2 Account Information

Account and profile information may be retained for the duration of your account and for a reasonable period after account closure to support account administration, dispute resolution, legal compliance, and business recordkeeping.

5.3 Billing Records

Billing, invoice, subscription, and payment-related records may be retained as required for tax, accounting, legal, and compliance purposes.

5.4 Support Communications

Support tickets, emails, and other communications may be retained for customer service, training, dispute resolution, and quality assurance purposes.

5.5 Security Logs

System logs, login records, audit trails, and security records may be retained as necessary to protect the Service, investigate suspicious activity, and comply with legal obligations.

5.6 De-Identified or Aggregated Data

DynomedRx may retain aggregated, anonymized, or de-identified data that does not reasonably identify a specific user, pharmacy, patient, or individual.

6. How We Share Information

DynomedRx does not sell, rent, lease, or trade your personal information or Uploaded Pharmacy Data.

We may share information only in the limited circumstances described below

6.1 Service Providers

DynomedRx may use carefully selected third-party service providers to help operate the Service. These may include providers for:

Cloud hosting

Authentication;

Payment processing

Email delivery

Error monitoring

Security tools

Customer support

Analytics and infrastructure

These providers are permitted to use information only as necessary to provide services to DynomedRx and are not authorized to sell or use your information for unrelated purposes.

6.2 Legal Requirements

We may disclose information if required to do so by law, subpoena, court order, regulatory request, or other valid legal process.

Where legally permitted, DynomedRx will make reasonable efforts to notify affected users before disclosing information in response to legal process.

6.3 Business Transfers

If DynomedRx is involved in a merger, acquisition, financing, reorganization, bankruptcy, sale of assets, or similar business transaction, information may be transferred as part of that transaction. Any successor entity will be expected to handle information in a manner consistent with this Privacy Policy unless users are notified otherwise.

6.4 Protection of Rights and Security

We may disclose information when reasonably necessary to protect the rights, property, or safety of DynomedRx, our users, pharmacies, patients, the public, or others.

7. Data Security

DynomedRx uses technical, administrative, and organizational safeguards designed to protect information from unauthorized access, disclosure, alteration, or destruction.

These safeguards may include:

Encryption of data in transit

Encryption of stored data where appropriate

Access controls

Role-based permissions

Authentication safeguards

Monitoring and logging

Secure cloud infrastructure

Restricted administrative access

Vendor review and oversight

Security incident response procedures

No internet-based system can be guaranteed to be completely secure. Users are responsible for maintaining the confidentiality of their login credentials and for ensuring that only authorized personnel access their DynomedRx account.

You should notify DynomedRx immediately if you believe your account has been compromised or accessed without authorization.

8. HIPAA and Healthcare Data

DynomedRx may receive or process pharmacy data that could include Protected Health Information as defined by the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations, collectively referred to as "HIPAA."

8.1 Business Associate Agreement

If your use of DynomedRx involves the creation, receipt, maintenance, or transmission of Protected Health Information on behalf of a covered entity or business associate, a Business Associate Agreement may be required before such information is uploaded or processed through the Service.

Users should not upload Protected Health Information to DynomedRx unless an appropriate Business Associate Agreement is in place, or unless the data has been properly de-identified in accordance with applicable law.

8.2 Minimum Necessary Standard

Where HIPAA applies and a Business Associate Agreement is in effect, DynomedRx will use and disclose Protected Health Information only as permitted by the applicable agreement and only to the extent reasonably necessary to provide the Service.

8.3 User Responsibility

Users are responsible for determining whether their uploaded files contain Protected Health Information and whether their use of the Service complies with HIPAA, state privacy laws, payer contracts, pharmacy obligations, and other applicable requirements.

9. Cookies and Tracking Technologies

DynomedRx may use cookies and similar technologies to operate and improve the Service.

9.1 Types of Cookies We May Use

Strictly Necessary Cookies

These are required for login, authentication, session management, security, and core platform functionality.

Functional Cookies

These may remember user preferences, settings, and interface choices

Analytics Cookies

These may help us understand how users interact with the Service so we can improve performance and usability.

9.2 What We Do Not Use

DynomedRx does not use Uploaded Pharmacy Data for advertising. DynomedRx does not sell personal information to advertisers or data brokers.

9.3 Managing Cookies

You may control cookies through your browser settings. Disabling certain cookies may prevent the Service from functioning properly.

10. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights regarding your personal information.

These rights may include:

The right to access personal information we maintain about you

The right to correct inaccurate information

The right to request deletion of certain information

The right to receive a copy of certain information

The right to object to or restrict certain processing

The right to opt out of marketing communications

The right not to be discriminated against for exercising privacy rights

To exercise privacy rights, contact DynomedRx using the contact information listed below. We may need to verify your identity before processing your request.

Certain information may be retained where required for legal, tax, accounting, security, contractual, or legitimate business purposes.

11. California Privacy Notice

If you are a California resident, you may have additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act.

DynomedRx does not sell personal information. DynomedRx does not share personal information for cross-context behavioral advertising.

California residents may have the right to:

Know what categories of personal information are collected

Know the purposes for which personal information is used

Request access to personal information

Request correction of inaccurate personal information

Request deletion of personal information

Opt out of sale or sharing, where applicable

Limit use of sensitive personal information, where applicable

Be free from discrimination for exercising privacy rights

To submit a California privacy request, contact us using the information below and include "California Privacy Request" in the subject line.

12. Children's Privacy

DynomedRx is intended for use by businesses, pharmacies, and authorized pharmacy personnel. The Service is not intended for children or individuals under the age of 18.

We do not knowingly collect personal information from children. If you believe a child has provided personal information to DynomedRx, contact us and we will take appropriate steps to delete the information.

13. Third-Party Links and Integrations

The Service may contain links to third-party websites, tools, systems, or integrations. DynomedRx is not responsible for the privacy practices, security practices, or content of third-party services.

Users should review the privacy policies and terms of any third-party service before using it or submitting information to it.

14. International Users

DynomedRx is operated from the United States and is intended primarily for use by United States-based pharmacy businesses.

If you access the Service from outside the United States, you understand that your information may be processed and stored in the United States, where privacy laws may differ from those in your jurisdiction.

15. Updates to This Privacy Policy

DynomedRx may update this Privacy Policy from time to time. When we make material changes, we may notify users by email, through the Service, or by posting an updated version on our website.

The "Last Updated" date at the top of this Privacy Policy indicates when it was most recently revised.

Your continued use of the Service after an updated Privacy Policy becomes effective means you acknowledge the updated policy.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or DynomedRx's data practices, contact us at:

DynomedRx

Email: support@dynomedrx.com

Website: https://dynomedrx.com

For privacy-related requests, please include "Privacy Request" in the subject line

17. Legal Disclaimer

This Privacy Policy is provided as a general framework for DynomedRx and should be reviewed by a qualified attorney before publication or use. This document does not constitute legal advice and may need to be revised based on DynomedRx's final product features, data retention practices, hosting providers, payment processor, state-specific obligations, HIPAA status, and executed customer agreements.