340B CONSULT, LLC PRIVACY POLICY
Effective Date: August 4, 2025
This Privacy Policy ("Policy") is a binding agreement between 340B Consult, LLC, an Arizona limited liability company ("340B Consult," "we," or "us") and you ("User"). It explains how we collect, use, and protect personal information obtained through our website and services (collectively, the "Services"). This Policy is compliant with the California Consumer Privacy Act ("CCPA"), the California Privacy Rights Act ("CPRA"), the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), and other applicable healthcare privacy laws.
If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.
Notice at Collection
We collect personal information to provide, and improve our Services. Examples of the categories of information, purpose of collection, and data retention practices are described below. For more complete information, please review the full Privacy Policy.
Categories of Personal Information Collected
We may collect the following categories of personal information:
Category | Examples | Source | Purpose | Retention |
|---|---|---|---|---|
Inferences | Preferences inferred from interactions | Derived internally | User experience optimization | Up to 12 months |
Identifiers | Name, email, IP address, phone number | Directly from you | Provide Services, support, communication | Duration of relationship |
Internet/Network Activity | Browsing history, IP address, cookies | Automatically collected | Improve Services, analytics, fraud prevention | Up to 12 months |
Professional/Employment Info | Job title, organization | Directly from you | Provide Services, support, communication | Duration of relationship |
We do not knowingly collect Sensitive Personal Information as defined under CPRA.
HIPAA and Protected Health Information (PHI)
340B Consult, LLC provides services to covered entities that may involve access to Protected Health Information ("PHI") as defined by HIPAA. When acting as a Business Associate, 340B Consult complies with all HIPAA requirements, including those relating to the privacy and security of PHI. PHI is governed by Business Associate Agreements ("BAAs") entered into with each covered entity.
This Privacy Policy does not apply to PHI that we receive, maintain, or transmit on behalf of our clients pursuant to a BAA. Our obligations with respect to PHI are governed by the applicable BAA and HIPAA regulations.
Use of Personal Information
We use your information for the following purposes:
-
Provide and maintain the Services
-
Communicate with you
-
Perform analytics and improve functionality
-
Fulfill contractual obligations
-
Protect our legal interests and prevent fraud
-
Comply with legal obligations
Sale or Sharing of Personal Information
We do not sell or share your personal information outside of our organization.
Data Retention
We retain personal information only as long as necessary for the purpose for which it was collected, and as required by law. Retention periods vary by data category and are outlined in the table above.
Consumer Rights Under the CCPA and CPRA (California Residents)
If you reside in California, you have the following rights:
-
Right to Know: Request details about the personal information we collect, use, and share.
-
Right to Delete: Request deletion of your personal information.
-
Right to Correct: Request correction of inaccurate personal information.
-
Right to Opt-Out: Opt-out of sale or sharing of personal information (if applicable).
-
Right to Limit: Limit the use of sensitive personal information (if collected).
-
Right to Non-Discrimination: You will not be discriminated against for exercising your rights.
To exercise these rights, email us at Contact@340bconsult.com.
Verifying Your Request
To protect your privacy, we will verify your identity before processing any consumer rights requests. This may include confirming your email address or other identifying information.
How We Collect Information
We collect information:
-
Directly from you when you fill out forms, send communications, or request Services
-
Automatically via cookies, IP address logs, and usage tracking
-
From third-party service providers or partners with your consent
Information Sharing and Disclosure
We may disclose your information:
-
To internal and external service providers to operate our Services
-
In connection with legal obligations, court orders, or law enforcement requests
-
In business transfers (e.g., merger, sale)
-
As necessary to protect our rights or those of others
We require service providers to adhere to confidentiality and data protection agreements.
Deep Packet Inspection & Security
We may use Deep Packet Inspection (DPI) and IP tracking to detect security threats. This may involve processing personal information to maintain the security and integrity of the Services.
Data Protection and Security
We use commercially reasonable security measures to protect your personal information. However, no method of transmission or storage is 100% secure. Use of our Services is at your own risk.
Tracking Technologies and Cookies
You may refuse browser cookies through your settings. Note: Disabling cookies may limit the functionality of the Services.
Children Under the Age of 13
Our Services are not intended for children under 13. If we learn we have collected personal information from a child under 13 without parental consent, we will delete it.
Notice to Non-U.S. Residents
If you are located outside the U.S., your information will be transferred to and processed in the United States. By using our Services, you consent to this transfer and processing.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time. All updates are effective immediately upon posting. Your continued use of the Services signifies your acceptance of the updated Policy.
Contact Us
For questions or concerns about this Privacy Policy or your personal information, please contact us by email at Contact@340bconsult.com.