Privacy Policy
What we collect, why, who sees it, and how to delete it — in plain English.
Version 2.0 · Effective April 2026 · Last updated April 5, 2026
The short version
- ✅ We never sell your health data — not to advertisers, data brokers, or anyone else.
- ✅ Pharmacies only see your medication, dosage, and general area — never your name — until you choose one.
- ✅ Your prescription image is encrypted and auto-deleted after 30 days.
- ✅ You can delete your data anytime from your account settings or by emailing us.
- ✅ Script Unlock is free for patients — pharmacies pay a small fee to bid.
1. What we collect
Information you give us
- Account info: Name, email address, and password when you sign up.
- Prescription data: The photo or scan you upload, plus the medication name, dosage, quantity, prescriber name, and instructions we extract from it.
- Location: Your ZIP code (so we can find nearby pharmacies). We never ask for your full address until you select a pharmacy for delivery.
- Payment info: If you pay through us, your card is processed by Stripe. We never see or store your card number.
- Messages: Anything you send to our support team.
Information we collect automatically
- Device info: Browser type, operating system, screen size, and a general location (country/region) from your IP address. We don't use your IP to identify you personally.
- Usage data: Which pages you visit, which medications you search for, and how far you get in the bid flow. We use this to improve the product — not to profile you.
- Cookies: Small files that keep you logged in and help us understand how the site is used. Details in Section 7.
What counts as Protected Health Information (PHI)
Under HIPAA, PHI is health information that can be linked to you personally. Your medication name alone isn't PHI — but your medication name plus your name, email, or ZIP code is. We treat all prescription data as PHI from the moment you upload it, regardless of what combination of identifiers we have.
2. How we use your information
| What we do | Why |
|---|---|
| Read your prescription and match you with pharmacies | This is the core service — you asked us to find you a better price |
| Send you emails when quotes arrive | So you know when pharmacies have responded |
| Calculate savings estimates | To show you how much you could save vs. retail |
| Improve the product (analytics) | To understand where people get stuck and fix it. We never use PHI for analytics — only anonymized, bucketed data |
| Prevent fraud and abuse | To protect you and our pharmacy partners from bad actors |
| Comply with the law | To meet HIPAA, state pharmacy regulations, and tax requirements |
What we never do
- ❌ Sell your health data to advertisers, data brokers, or anyone else
- ❌ Use your prescription data for targeted advertising
- ❌ Share your data with employers or insurance companies
- ❌ Train AI models on your personal health information
- ❌ Store PHI in your browser (no localStorage, no cookies, no URL parameters)
- ❌ Send PHI to analytics tools — medication searches are logged without identifiers
3. Who we share your data with
Pharmacies — the two-stage model
We don't just hand your prescription to every pharmacy. Sharing happens in two carefully controlled stages:
Stage 1: Getting quotes
Pharmacies see:
- ✓ Medication name and dosage
- ✓ Quantity needed
- ✓ Your general area (first 3 digits of ZIP — covers ~2.7 million people)
Pharmacies do NOT see your name, email, phone, address, or prescription image.
Stage 2: After you choose a pharmacy
Only the pharmacy you select receives:
- ✓ Your name
- ✓ Your prescription image (encrypted, expires in 60 seconds)
- ✓ Your delivery address (if you chose delivery)
No other pharmacy ever sees this information.
Every pharmacy on our platform is verified, state-licensed, and has signed a Business Associate Agreement (BAA) that requires them to protect your data, use it only for filling your prescription, and delete it within 30 days.
Service providers
| Service | What they do | Do they see PHI? |
|---|---|---|
| Cloud infrastructure | Hosts the app, database, and encrypted file storage | Encrypted at rest — they store it but can't read it |
| Stripe (payments) | Processes payments | No — only order IDs and dollar amounts. Never medication names |
| Analytics (privacy-preserving) | Helps us understand how people use the site | No — our anonymization layer strips all identifiers and health data before anything reaches analytics |
| Email delivery | Sends you notifications about your quotes | Minimal — email body may include medication name. Provider is covered by our BAA |
Legal requirements
We may disclose information when required by law, court order, or regulatory investigation. We will notify you unless legally prohibited from doing so.
Business transfers
If Script Unlock is acquired or merges with another company, your data would transfer under the same privacy protections. We'd notify you in advance and give you the option to delete your data before the transfer.
4. How we protect your data
| Protection | What it means |
|---|---|
| Encryption in transit | Everything between your browser and our servers is encrypted with TLS 1.3 — the same standard used by banks |
| Encryption at rest | Your prescription image is encrypted with AES-256-GCM before it's stored. Each file gets its own unique encryption key |
| Access controls | Only you and the pharmacy you choose can see your prescription. Our own team can't access your health data without a documented reason and dual approval |
| Audit logging | Every time your data is accessed — by anyone, including us — it's logged with who, what, when, and why |
| Session security | You're automatically logged out after 15 minutes of inactivity. Sessions expire after 12 hours regardless of activity |
| No browser storage | Your health data is never stored in your browser's cookies, local storage, or URL — it exists only in encrypted form on our servers |
5. Your rights
Rights under HIPAA (all US patients)
- Access: You can request a copy of all health information we hold about you. We'll provide it within 30 days.
- Amendment: If you believe your health data is incorrect, you can ask us to correct it.
- Accounting of disclosures: You can ask for a list of every time we shared your health data, with whom, and when.
- Restrict sharing: You can ask us to limit how we share your data, though we may not be able to agree if it prevents us from providing the service.
- Confidential communications: You can ask us to contact you at a specific email or phone number.
- File a complaint: If you believe your privacy rights have been violated, you can file a complaint with us or with the U.S. Department of Health and Human Services. We will not retaliate against you for filing a complaint.
Rights under CCPA/CPRA (California residents)
- Know: You can ask what personal information we've collected and why.
- Delete: You can ask us to delete your personal information.
- Correct: You can ask us to fix inaccurate data.
- Opt out of sale: We don't sell your data, period. But you still have the right to tell us not to — and we will honor it.
- Non-discrimination: We will never charge you more or give you worse service for exercising your privacy rights.
In the last 12 months, we have not sold any personal information. We have not shared personal information for cross-context behavioral advertising.
Rights under GDPR (EU/UK residents)
If you're in the EU or UK, you also have the right to data portability (receive your data in a machine-readable format), the right to object to processing, and the right to lodge a complaint with your local data protection authority. Our Data Protection Officer can be reached at dpo@scriptunlock.com.
6. How long we keep your data
| Data | How long | Why that long |
|---|---|---|
| Prescription images | 30 days | Just long enough for pharmacies to fill the prescription. Then auto-deleted |
| Prescription details (medication, dosage) | 90 days | Covers the HIPAA authorization window and allows refill reminders |
| Quotes and bid history | 2 years | For dispute resolution and your savings history |
| Account info (name, email) | Until you delete your account + 30 days | 30-day grace period in case you change your mind |
| Consent records | 7 years | Legal requirement — proof that you authorized us to share your data |
| Audit and security logs | 7 years | HIPAA requires 6 years. We keep 7 for safety |
| Payment records | 7 years | IRS record-keeping requirements |
| Anonymized analytics | Indefinitely | Can't be linked back to you — used for product improvement |
Some states require longer retention for health records (e.g., Illinois: 10 years; New York: 6 years for adults, longer for minors). We automatically apply the stricter of federal or state requirements based on your location.
7. Cookies and tracking
We use cookies to keep the site working and to understand how people use it. Here's exactly what we use:
| Type | Purpose | Can you turn it off? |
|---|---|---|
| Essential | Keeps you logged in, remembers your consent choices, protects against cross-site attacks | No — the site won't work without these |
| Functional | Remembers your language preference, dark/light mode, and last-used ZIP code | Yes — via cookie banner |
| Analytics | Tells us which pages people visit and where they get stuck. No PHI is ever sent to analytics — our anonymization layer removes it automatically | Yes — via cookie banner. Analytics load with analytics_storage: denied until you opt in |
| Marketing | We do not use marketing or advertising cookies. Period. | N/A |
We do not use third-party advertising pixels, Facebook tracking, or any tool that transmits health information to ad networks. You can manage your cookie preferences at any time using the cookie banner or by contacting us.
8. How to delete your data
You have three ways to delete your data:
1. Self-service (fastest)
Go to Account Settings → Privacy and tap "Delete My Data" or "Delete My Account." Prescription images are deleted within 72 hours. Account data is deleted after a 30-day grace period.
2. Email request
Send an email to privacy@scriptunlock.com with the subject "Data Deletion Request." We'll verify your identity and process your request within 30 days.
3. Formal data subject request
Submit a formal request through our Support page. Required for CCPA "Right to Delete" or GDPR "Right to Erasure" requests. Processed within 30 days (45 days with extension if complex).
What we can't delete
Some data must be kept for legal reasons even after you request deletion: consent records (7 years — they're proof that you authorized data sharing), audit logs (7 years — HIPAA requires them), and payment records (7 years — IRS requires them). This data is locked down and not used for any other purpose.
9. Children's privacy
Script Unlock is not designed for children under 13 (or under 16 in the EU). We don't knowingly collect data from children. If you believe a child has used our service, contact privacy@scriptunlock.com and we'll delete their data immediately.
10. Changes to this policy
When we make material changes — like a new type of data sharing or a change in retention periods — we'll email you at least 30 days before the change takes effect. Minor clarifications (typos, formatting) don't trigger an email, but the "Last updated" date at the top always reflects the latest version.
11. Contact us
General privacy questions: privacy@scriptunlock.com
Data deletion or access requests: privacy@scriptunlock.com with subject "Data Request"
HIPAA complaints: privacy@scriptunlock.com — or directly to HHS at hhs.gov/hipaa/filing-a-complaint
EU/UK Data Protection Officer: dpo@scriptunlock.com
© 2026 Script Unlock, Inc. All rights reserved.