online privacy policy
PRAM INSURANCE SERVICES, INC., has created this online privacy policy (the “Policy”) for its website www.pramdiscountrx.com and it's online Partner Portal (collectively, the “Site”). The following discloses PRAM’s information gathering and dissemination practices for the nonpublic personal information we collect. That type of information is described below in Information We Collect. We encourage you to read this Policy, so please do not use the Site if you disagree with any part of the Policy.
HOW WE PROTECT YOUR INFORMATION
At PRAM, our customers are our most valued assets. Protecting your privacy is important to us. We restrict access to nonpublic personal information about you to those individuals and entities, such as our employees and risk management service companies and your insurance agent or broker (who is also known as an “insurance producer”), who assist us in providing our products and services. We require those individuals and entities to whom we permit access to your nonpublic personal information to protect it and keep it confidential. We maintain physical, electronical and procedural safeguards that comply with applicable regulatory standards to guard your nonpublic personal information in our possession.
We do not disclose any nonpublic personal information about you, as our customer or former customer, except as described in this Policy.
INFORMATION WE COLLECT
We collect and maintain information about you to provide you with the products or services you request and to manage your account.
We collect certain information (“nonpublic personal information”) about you and the members of your household (collectively, “you”) from the following sources:
- Information we receive from you or your agent on applications or other forms, such as your social security number, name and address, assets, income and property information;
- Information about your transactions with PRAM, our affiliates or others, such as your program features, and payment history;
- If you pay your invoice online through our Partner Portal, then we receive from your financial information, such as credit card numbers and bank account numbers;
- Information we receive from an insurance support organization, such as claims history; and
- If you use your prescription benefit, the information we receive from you may include details of your personal life, such as your date of birth and medical information regarding diseases or physical conditions from medical professionals who have provided care to you.
HEALTH AGENT AND PORTAL
While the products listed on this website are NOT INSURANCE, PRAM believes that its members and potential members are best served by working with a health agent to procure discount products from PRAM's suite of prescription related products. PRAM does not sell its discount products directly to the public. Your health agent has access to PRAM’s agent portal on the Site, through which your health agent may conduct purchases for discount products on your behalf. You should discuss with your health agent what information your health agent will and will not submit to PRAM through the Site.
INFORMATION WE DISCLOSE
PRAM may disclose nonpublic personal information as described above in Information We Collect, to companies that perform services on our behalf or to other third-party vendors we contract with, all as permitted by law.
Many employer benefit plans and plan sponsors restrict the information that can be shared about their employees or members with companies that provide them with products or services. If you have a relationship with PRAM or one of its affiliates as a result of products or services provided through an employer benefit plan or plan sponsor, we will abide by the privacy restrictions imposed by that entity.
We are permitted to disclose nonpublic personal information about you: 1) to process your transaction with us, or to prevent fraud; (2) with your written authorization; and (3) as otherwise permitted by law.
SHARING INFORMATION WITH AFFILIATES
PRAM may disclose nonpublic personal information as described above in Information We Collect, to our affiliates, which include pharmacy benefit managers, health agents and pharmacy benefit management companies.
We are permitted by law to share with our affiliates our transaction and experience information about you in order to provide you with the products or services you request and to manage your account.
In addition, we may share with our affiliates information from consumer reporting agencies, including credit reports, and certain application information that we receive from you and from third parties including health support organizations.
SHARING INFORMATION WITH NON-AFFILIATES
We may share your nonpublic personal information as described above in Information We Collect, with non-affiliates that assist us in servicing your program benefits. Examples of such services are administration (billing and collections), risk management, and claims handling services. We may also share your nonpublic personal information with non-affiliates for the purpose of detecting and preventing fraud, as directed or authorized by you or as otherwise permitted or required by law.
We may also share your nonpublic personal information with certain governmental and regulatory entitles, but only to the extent required by law. Examples include state Workers Compensation Boards and the U.S. Department of Health and Human Services which administers Medicare.
Because we do not share nonpublic personal information with either affiliates or non-affiliates in any way except as described in this Policy, there is no need for an opt-out process in our privacy procedures.
For California and Vermont Residents: If it becomes necessary to share your nonpublic personal information with non-affiliates other than as specifically allowed by law, we will not do so with first obtaining your permission.
MAINTAINING PERSONAL INFORMATION
We maintain procedures to ensure that the nonpublic personal information we collect is accurate, up-to-date and as complete as possible. If you believe the information we have about you in our records or files is incomplete or inaccurate, you may request that we make additions or corrections, or if it is feasible, that we delete this information from our files. You may make this request in writing to (include your name, address, and ID number):
Attn: Chief Privacy Officer
One Pointe Drive, Suite 120
Brea, CA 92821
Or by email to: [email protected] or by telephone at: 1-800-262-7726.
Special Notice: You can obtain access to any nonpublic personal information we have about you if you properly identify yourself and submit a written request to the address above describing the information you want to review. We will also tell you the identity, if recorded, of persons to whom we have disclosed your nonpublic personal information within the preceding two years.
You may request that we correct, amend or delete information about you. If we do so, we will notify organizations that provided us with that information and, at our request, persons who received that information from us within the preceding two years. If we cannot grant your request to correct, amend or delete the information, you may provide us a written statement of the reasons you disagree, which we will place in your file and give to the same parties who would have been notified of the requested change.
MODIFICATIONS TO THE PRIVACY POLICY
PRAM reserves the right to change this Policy in the future. If we do that, you will be notified of the revised privacy policy.
GENERAL STATEMENT
PRAM’s policy is to protect the confidentiality of the nonpublic personal information that you provide, and to limit access to that information only to those with a need to know. PRAM may collect your name, address, phone number, and e-mail address at this Site. We will use this information to provide you with information you request, to refer you to a PRAM health agent, to refer you to a third-party service provider or to comply with a legal requirement. When you encounter a screen in the Site that asks for information you do not want us to have or use, you should not proceed further with that screen. For further information, please see the Terms and Conditions at www.pramdiscountrx.com.
HYPERLINKS
PRAM has agreements with third parties that allow you to go to their websites from our Site. If you go to a website from our Site, you may be asked to give nonpublic personal information for access to services or products offered by the host of that website. You may become a part of that business’ customer base and be subject to its policies regarding the handling of customer data.
Please be aware that PRAM is not responsible for the privacy practices of those websites. We encourage you to be aware of this when you leave our Site and to read the Privacy Statements of each and every website that you visit, as the privacy policies associated with those websites may differ from ours. Our Policy applies solely to our Site.
COOKIES
A cookie is a message sent to your browser from a web server that is stored on your computer’s hard drive. The message is sent back to the web server whenever the browser requests a page from that server. Many commercial websites use cookies. While a code in the cookie file enables the website to label you as a particular user, it does not identify you by name or address unless you have provided the website with such information or set up preferences in your browser to do so automatically. On occasion PRAM may use cookies (which may be provided by a third party operating on our behalf) to help us analyze traffic or to improve your Site navigation experience. To facilitate the analysis, an identification is assigned to help us uniquely identify you each time you return to the Site. One of the major concerns about stored cookies is the fear that they may contain personal information and information identifying you that could be accessed by other websites. PRAM only stores a randomly chosen unique identification number and a context, both of which are meaningless to others but help us to identify you.
PRAM wants to be sure you understand that accepting a cookie in no way gives us access to your computer or any nonpublic personal information about you, other than the information you choose to share. This practice is strictly enforced. While acknowledging the concerns that some visitors have about cookie usage, we believe that the benefit visitors to the Site gain from the use of cookies is worthwhile.
SECURITY AND EMAIL TRANSMISSIONS
Our policy is to limit access to nonpublic personal information about you only to those who need to know that information to provide products or services to you or to provide necessary technical support. We require our employees with access to your nonpublic personal information to use safeguards against unauthorized access or use and unlawful disclosure. We require our employees to adhere to high standards of ethics and integrity in performing their jobs and conducting business. We also require the same standards of confidentiality from the service vendors that assist us. To ensure the security of your nonpublic personal information that you submit to PRAM electronically, including information submitted through the Partner Portal (other than via an e-mail message), security software is used to encrypt (data scrambling) the information before and during its transmission through the internet. We only allow information to be submitted for transmission if your browser is compatible with our security software. If your browser is not compatible, you will receive a message indicating your transaction can be completed, but at a lower level of security. We do not encrypt the public portions of the Site. If you are on any website that asks you for confidential information, you should check to see if the information being transmitted is encrypted in order to increase the security of your information. E-mail messages are not secure. E-mail messages traveling through the internet are subject to viewing, alteration and copying by potentially anyone on the internet.
You should exercise discretion with respect to the submission of any nonpublic personal information via e-mail. If you are concerned about the security of your communication, you are encouraged to send your correspondence through the postal service or use the telephone to speak directly to us. We are not responsible for the security or confidentiality of communications you send to us through the internet using e-mail messages.
RIGHT TO PRESERVE AND DISCLOSE
PRAM may preserve for any period of time it deems appropriate all nonpublic personal information you provide. PRAM may also disclose nonpublic personal information you provide if required to do so by law or in the good faith belief that such disclosure is reasonably necessary to: (a) complete your transaction; (b) comply with legal process; (c) comply with or enforce the terms of this Program; (d) respond to claims that any materials on the Site violate your rights or the rights of third parties; (e) protect the rights, property or personal safety of PRAM, its users and/or (f) effectuate a transaction in which all or substantially all of the equity or assets of PRAM are acquired by a third party.
CALIFORNIA ONLINE PRIVACY PROTECTION ACT
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. - See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website. Our Privacy Policy link includes the word 'Privacy' and can easily be found on the page specified above.
You will be notified of any Privacy Policy changes:
- On our Privacy Policy Page
Can change your personal information:
- By emailing us at [email protected]
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. We do not specifically market to children under the age of 13 years old.
FAIR INFORMATION PRACTICES
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email
- Within 7 business days
We will notify the users via in-site notification
- Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders.
- Send you additional information related to your product and/or service
To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at
[email protected] and we will promptly remove you from ALL correspondence.
NOTICE TO CONNECTICUT MEMBERS CONCERNING THE COLLECTION OF SOCIAL SECURITY NUMBERS
We comply with Connecticut’s General Statutes, Title 42, § 42-470 and § 42-471, and do not do any of the following, which are prohibited or restricted by §42-470 in that state:
(1) We do not publicly post or publicly display in any manner any individual’s Social Security number;
(2) We do not print an individual’s Social Security number on any card required for the individual to access products or services provided for that person;
(3) We do not require an individual to transmit that individual’s Social Security number over the internet; even though Connecticut law permits us to gather such information on a secure connection or where the Social Security number is encrypted; and
(4) We do not require an individual to use his or her Social Security number to access an internet website, even though Connecticut law permits us to establish a password or unique personal identification number or other authentication device to access a website.
We do not regularly collect, use or release Social Security though we refer you to §42-470 (d), which provides: “This section does not prevent the collection, use or release of a Social Security number as required by state or federal law or the use of a Social Security number for internal verification or administrative purposes.”
GOVERNING LAW
The contents of the Site and the legal terms used in it are governed in all respects by the laws of the State of California, without reference to its choice of law rules. If an applicable law is in conflict with any part of the contents of the Site, said contents will be deemed modified to conform to the law. The other provisions will not be affected by any such modifications.
Questions?
Telephone: 1-800-262-7726 or email: [email protected]
Effective Date: January 1, 2023