Privacy Policy

1. Introduction

This Privacy Policy describes how Tessera Rx and its affiliated entities, together with the affiliated professional medical corporation that provides clinical services (collectively, “Tessera Rx,” “we,” “us,” or “our”), collect, use, and share information about you when you visit our website (the “Site”). By using the Site, you consent to the practices described in this Privacy Policy.

2. Definitions

• “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
• “Protected Health Information” or “PHI” means individually identifiable health information that is transmitted or maintained by electronic or other media.
• “Processing” means any operation or set of operations performed on Personal Information.
• “Service Providers” means third-party entities that process Personal Information on our behalf.
• “Site” means the website operated by Tessera Rx, including all features, functionality, and content available through the domain and all related subdomains.

3. Information We Collect

3.1 Personal Information

We may collect personal information that you voluntarily provide to us, such as:

• Contact information (name, email address, phone number, postal address)
• Account information (username, password)
• Profile information (preferences, interests)
• Payment information (credit card details, billing address)
• Health-related information (medical history, symptoms, treatment information)
• Communications (emails, chat messages, feedback)
• Any other information you choose to provide

3.2 Automatically Collected Information

When you visit the Site, we automatically collect certain information about your device, including device information (browser type, operating system, device type), usage data (pages visited, time spent, referring website), location data (IP address, general geographic location), and log data (error reports, activity patterns).

3.3 Cookies and Similar Technologies

Cookies are small data files placed on your device when you visit a website. We use essential cookies (required for the Site to function), preference cookies (to remember your settings), analytics cookies (to understand how visitors use the Site, including Google Analytics), and marketing cookies (to display relevant ads, including Google Ads and Meta Pixel).

Most web browsers are set to accept cookies by default. You can choose to set your browser to remove or reject cookies, manage your cookie preferences via the link in our footer, or use opt-out tools such as Google Analytics opt-out. Removing or rejecting cookies could affect the availability and functionality of the Site.

4. Use of Artificial Intelligence

Tessera Rx uses artificial intelligence (“AI”) technologies to enhance our services, improve user experience, and process information. This may include using AI to analyze user interactions, process and respond to inquiries, assist in content generation, enhance security, provide our services, and develop new features. We implement appropriate safeguards, including human review of AI-generated content where appropriate. We do not use AI to make automated decisions that significantly affect you without human oversight.

5. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Site
• Process transactions and send related information
• Respond to comments, questions, and requests
• Send confirmations, technical notices, updates, security alerts, and support messages
• Communicate about products, services, offers, promotions, and events
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraudulent transactions and other illegal activities
• Protect the rights and property of Tessera Rx and others
• Comply with legal obligations
• Facilitate coordination of care between healthcare providers

6. Information Sharing

Tessera Rx processes information for the affiliated professional medical corporation that delivers clinical services (the “Practice”). We may share your information with:

• The Practice and other professional medical corporations with which we have a business relationship
• Service providers (payment processors, hosting providers, analytics providers)
• Professional advisors (lawyers, bankers, auditors, insurers)
• Government authorities if required by law or to protect our rights
• Business partners with your consent
• In connection with a business transaction (such as a merger, acquisition, or sale of assets)

The disclosure of protected health information is governed by the Notice of Patient Privacy Practices.

6.1 Categories of Service Providers

• Cloud storage providers
• Payment processors
• Analytics providers
• Customer support services
• Email and communication providers
• Marketing and advertising partners
• Security and fraud prevention services

6.2 Information Sharing for Business Purposes

We do not sell your personal information to third parties as “selling” is traditionally defined. We only share your information with third parties as necessary to provide the Services to you. Text messaging originator opt-in data and consent will not be shared with any third parties for the purpose of third-party marketing. To the extent state laws define “selling” more broadly, you have the right to opt out of such “selling” as described below.

7. Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. These measures include encryption in transit and at rest, secure servers and networks with firewalls, regular security assessments, employee training, access controls, physical security measures, and regular backups. However, the transmission of information via the internet is not completely secure. Any transmission of personal information is at your own risk.

8. Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify you via email and/or prominent notice on our Site within 72 hours of discovering the breach, include information about the breach, notify relevant regulatory authorities as required by applicable law, and provide credit monitoring services if appropriate.

9. Data Retention

We will retain your personal information only for as long as reasonably necessary to fulfill the purposes for which it was collected, including legal, regulatory, tax, accounting, or reporting requirements. Specific retention periods include:

• Account information: For the duration of your account plus 7 years
• Transaction information: 7 years for tax and accounting purposes
• Communications with us: 3 years from the date of communication
• Marketing preferences: Until you opt out or request deletion
• Device and usage data: 13 months

10. Your Privacy Rights

10.1 General Rights

Regardless of your location, you may contact us at any time to:

• Request access to your personal information
• Request correction of your personal information
• Request deletion of your personal information
• Object to our processing of your personal information
• Request that we restrict our processing
• Request data portability
• Opt out of marketing communications

To exercise these rights, please contact us at legal@tesserarx.com.

10.2 State-Specific Rights

As we grow, we may become subject to various state privacy laws. When applicable, we will comply with state-specific privacy requirements and update this policy accordingly.

10.3 Opt-Out Procedures

Marketing Communications: You can opt out by clicking the “unsubscribe” link in any marketing email, emailing us at legal@tesserarx.com with the subject line “Opt Out of Marketing,” or updating your account settings.

Targeted Advertising: Visit the Digital Advertising Alliance’s opt-out portal at aboutads.info/choices, the Network Advertising Initiative at networkadvertising.org/choices, or adjust your iOS or Android device tracking settings.

11. International Data Transfers

Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ. You must be located in the United States to be a user of Tessera Rx services. If you are located outside the United States and choose to provide information to us, we transfer the information to the United States and process it there.

12. Automated Decision Making

We may use automated decision-making processes for fraud detection, security monitoring, and customizing content and recommendations based on your browsing history and preferences. You have the right not to be subject to a decision based solely on automated processing that produces legal effects concerning you. To exercise this right, please contact us at legal@tesserarx.com.

13. Children’s Privacy

The Site is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected personal information from a child under 13 without verification of parental consent, we will delete that information.

14. Third-Party Links

The Site may contain links to third-party websites and services. We are not responsible for the content or privacy practices of those websites or services. We encourage you to read their privacy policies.

15. Changes to Our Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Effective Date” at the top. For material changes, we will provide additional notice, such as via email or a prominent notice on our Site.

16. Contact Information

If you have any questions about this Privacy Policy, please contact us at legal@tesserarx.com.