Privacy Policy
Última actualización: November 2025 (Versión 1.0)
1. Introduction
At Farmacias Aliadas Maestre we protect the privacy and security of your personal and health information. This Policy describes how we collect, use and protect your information when you use our services, including our website and the MaestreRx platform. We strictly comply with HIPAA and other applicable laws. This policy applies to patients, physicians and authorized personnel.
2. Information We Collect
Depending on the service, we may collect: Personal information: name, address, phone, email, date of birth; Protected health information (PHI): prescriptions, medications, medical history and relevant conditions; Account information: access credentials and roles; Payment and transaction information (when applicable); Technical information: IP address, browser type and basic system activity; For physicians: professional license, DEA number and credentials.
3. How We Use Your Information
We use your information solely to: process and dispense prescriptions; provide pharmaceutical services and compounding formulations; facilitate electronic prescriptions through MaestreRx; communicate about medications and treatments; comply with legal and regulatory obligations (including HIPAA); improve our services and prevent fraud; maintain records of PHI access as required by law. We never sell your personal or health information for marketing purposes.
4. Information Sharing
We only share your information when: you expressly authorize it; it is necessary for trusted service providers under confidentiality agreements; the law requires it (court orders, regulatory agencies); there are medical emergencies; authorized physicians need information to provide care; or a business transfer occurs (with prior notification). All third parties are obligated to protect your information.
5. Your Rights Under HIPAA
You have the right to: access and obtain copies of your health information; request corrections; request restrictions or confidential communications; receive a copy of this Policy; file a complaint if you believe your rights have been violated. To exercise these rights, contact us. We will respond within the timeframes required by HIPAA.
6. Information Security
We implement technical, administrative and physical security measures, including: data encryption in transit and at rest; access controls and secure authentication; access logs to sensitive information; regular staff training; security monitoring and audits. Although we take strict measures, no system is completely infallible.
7. Data Retention
We retain information for the time required by law and for operational reasons. Medical records are kept as required by applicable laws (generally between 6 and 10 years or more). Then, the information is securely deleted or anonymized.
8. Children's Privacy
Our services are not directed at minors under 18 years of age without the consent of a parent or legal guardian. If we detect information collected without authorization, we will delete it.
9. Changes to This Policy
We may update this Policy occasionally. We will notify you of important changes via email, on the platform or on our website. Continued use of the services constitutes acceptance.
10. Contact
For questions or to exercise privacy rights: (787) 894-2075; 29 Calle Antonio R Barceló, Utuado, PR 00641; M–F 7:30 AM – 8:00 PM | Saturdays 8:00 AM – 8:00 PM. You can also file complaints with the Department of Health and Human Services (HHS).