• 25

Data Protection

Scope and Controller

This Data Protection Notice describes how One-Stop Script Junction (ossj.org) processes personal data in connection with our services offered in and from the United States of America. We provide medication comparisons, drug alternatives, and disease information to help users make informed choices. We do not sell medications and are not a pharmacy or healthcare provider.

The controller for personal data is Leslie Jones, 115 South Ave, Rochester, NY 14604, United States of America. You may contact us at [email protected] for any privacy-related inquiries.

Effective date of this Notice: [insert date].

Definitions

“Personal data” means any information relating to an identified or identifiable natural person. “Processing” means any operation performed on personal data, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, or deletion. “Sensitive personal data” includes information revealing health-related data, precise geolocation, and other categories defined by applicable law.

Categories of Personal Data We Process

  • Identifiers and contact information: name, email address, account credentials (if accounts are offered), IP address, and device identifiers.
  • Usage and interaction data: pages viewed, search queries (e.g., medication names, conditions, filters used), clicks, timestamps, referral URLs, and generalized location derived from IP address.
  • Device and technical data: browser type, operating system, screen resolution, language settings, cookie identifiers, and similar metadata.
  • Communications: content of messages you send to us, including support requests and feedback.
  • Health-related inquiries you voluntarily submit: free-text questions or notes that could imply health information. We do not seek to collect protected health information and request that you avoid sharing unnecessary health details.

Purposes and Legal Bases for Processing Under GDPR

Where the GDPR applies (e.g., to individuals in the EEA/UK/Switzerland), we process personal data on the following legal bases:

Contractual Necessity

  • To provide requested services, such as displaying drug prices, comparisons, and disease information.
  • To maintain and secure your account (if offered), and to respond to your requests.

Legitimate Interests

  • To ensure service reliability, security, and integrity; prevent fraud and abuse; and debug and improve our tools.
  • To perform analytics and measure service performance, including understanding feature usage to enhance user experience.
  • To present non-intrusive contextual content related to your interactions.

Consent

  • For non-essential cookies and similar technologies for analytics or advertising, where required.
  • For processing any voluntarily provided sensitive personal data contained in your inquiries.

Legal Obligations

  • To comply with applicable U.S. legal requirements, enforce our terms, and respond to lawful requests by public authorities.

Processing Under United States Law

We operate in the United States and comply with applicable federal and state privacy laws. We do not sell medications and do not act as a covered entity or business associate under HIPAA. Information you share on our site is not medical advice and should not replace consultation with a licensed professional.

Notice for California Residents (CCPA/CPRA)

  • Categories collected: identifiers; internet/usage data; geolocation (approximate); inferences limited to service improvement; and any information you directly provide.
  • Purposes: service delivery; security; debugging; analytics; compliance; and, if applicable, limited advertising/measurement.
  • Disclosure: to service providers/processors (hosting, analytics, support, email) under written contracts prohibiting use beyond our instructions; to authorities when legally required.
  • Sale/Sharing: We do not sell personal information for monetary consideration. We may “share” personal information for cross-context behavioral advertising as defined by law. You may opt out of “sale” or “sharing” by contacting us at [email protected] and by adjusting cookie settings and applicable browser signals (including Global Privacy Control).
  • Sensitive personal information: We do not use or disclose sensitive personal information for purposes requiring a right to limit under California law beyond what is necessary to provide requested services.
  • Rights: to know/access, correct, delete, opt out of sale/sharing, and non-discrimination for exercising rights.

Other U.S. State Privacy Laws

Residents of certain states (including, without limitation, Colorado, Connecticut, Utah, and Virginia) may have rights to access, correct, delete, opt out of targeted advertising or certain profiling, and data portability. You may exercise these rights as described in the “Exercising Your Rights” section. Where required, you may appeal our decision by replying to our response and indicating “Appeal.”

HIPAA and Health Information Notice

We are not a healthcare provider, health plan, or healthcare clearinghouse and do not act as a business associate. Our services are informational. Do not submit protected health information. If you choose to provide health-related details in free-text fields, we will process them only to respond to your request and to improve our service, based on your consent where required.

Sources of Personal Data

  • Directly from you when you use our site, contact us, or provide feedback.
  • Automatically from your device and browser through cookies and similar technologies.
  • From service providers that support our operations (e.g., analytics, hosting) consistent with your settings and applicable law.

Cookies and Similar Technologies

We use cookies, local storage, and similar technologies to enable core functionality, remember preferences, conduct analytics, and, where applicable, support advertising measurement. You can manage cookies via your browser settings and, where offered, our on-site controls. Where required, we obtain your consent for non-essential cookies. Disabling certain cookies may affect site functionality.

Disclosures to Processors and Third Parties

  • Service providers/processors: hosting, security, analytics, email delivery, customer support, and content delivery. They are bound by confidentiality and data protection obligations.
  • Business transfers: in connection with a merger, acquisition, or asset sale, subject to continued protection of personal data.
  • Legal compliance and protection: to comply with law, enforce terms, and protect users, the public, and our rights.

We do not disclose personal data to third parties for their own independent marketing without your consent.

International Data Transfers

Your personal data may be processed in the United States and other jurisdictions that may have different data protection laws than your home country. Where the GDPR applies, we rely on appropriate safeguards for international transfers, such as standard contractual clauses, and implement supplementary measures as needed.

Data Retention

We retain personal data for as long as necessary to fulfill the purposes described in this Notice, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods depend on data type and context (e.g., logs for security and auditing are typically retained for a limited period unless required longer).

Security Measures

We implement reasonable technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. No method of transmission or storage is fully secure; we continuously improve our safeguards considering risk, available technology, and industry practices.

Your Rights

Rights of EEA/UK/Swiss Residents under GDPR

  • Access, rectification, and erasure of personal data.
  • Restriction and objection to processing, including objection to processing based on legitimate interests.
  • Data portability where technically feasible.
  • Withdrawal of consent at any time, without affecting prior lawful processing.
  • Right to lodge a complaint with a supervisory authority.

Rights of U.S. Residents

  • Depending on your state, rights may include access, correction, deletion, data portability, and the right to opt out of targeted advertising, sale, or certain profiling.
  • California residents also have the right to limit certain uses of sensitive personal information and to be free from discrimination for exercising their rights.

Exercising Your Rights

To exercise your rights or submit a privacy request, contact us at [email protected] or write to: Leslie Jones, 115 South Ave, Rochester, NY 14604, USA. Please include your name, state or country of residence, the right(s) you wish to exercise, and sufficient information for us to verify your identity. We may request additional information solely to verify and process your request. If you are an authorized agent (where permitted by law), include proof of authorization and verification of the consumer’s identity.

Children’s Data

Our services are intended for individuals aged 16 and older. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data, contact us and we will take appropriate steps to delete such data.

Automated Decision-Making and Profiling

We do not engage in automated decision-making that produces legal or similarly significant effects about you. We may use limited profiling for service analytics and to improve content relevance, subject to your choices and applicable law.

Do Not Track

Some browsers transmit “Do Not Track” signals. Our services may not respond to all such signals. Where legally required, we honor browser-based opt-out signals, including Global Privacy Control, for opt-outs of sale/sharing or targeted advertising.

Third-Party Services and Links

Our site may reference third-party pharmacies or informational resources. If you navigate to third-party services, their privacy practices govern your use of those services. We encourage you to review their notices before providing personal data.

Changes to This Notice

We may update this Notice to reflect changes in our practices or legal requirements. We will post the updated version with a new effective date. Material changes will be communicated via the site or by direct notice where appropriate.

Contact Information

Controller: Leslie Jones

Address: 115 South Ave, Rochester, NY 14604, United States of America

Email: [email protected]

Categories

Tags Weight

About

One-Stop Script Junction helps you find affordable generic medications, compare drugs and alternatives, and explore evidence-based disease guides. Quickly review prices from licensed pharmacies and spot savings on FDA-approved generics. See side effects, interactions, and dosage information alongside brand vs generic comparisons. Use our tools to evaluate treatment options and discuss with your healthcare provider. Clear, unbiased, and updated regularly to support safe, informed choices.

© 2025. All rights reserved.