Effective Date: September 27, 2014.
For information about the privacy of patient health information, please review the
CVS/pharmacy Notice of Privacy Practices.
In some circumstances, CVS Caremark's use of your information will also be subject to the requirements of the Health Information Portability and Accountability Act (frequently referred to as 'HIPAA'). For example, when you are submitting information for prescription refills we are subject to the requirements of HIPAA. In those circumstances, the terms of CVS Caremark's HIPAA Notice of Privacy Practices will apply. If you have questions about which policy applies to information you have submitted, please do not hesitate to Contact Us, or call us toll-free at (888) 607-4287.
Our Privacy Guarantee
Who May Use This Site
This Site is not intended or designed to attract users under the age of 13. We do not collect personally identifiable data from any person we know to be under the age of 13 and instruct users under 13 not to send us any information to this Site.
Personal Information Gathered by CVS.com
We want you to understand how any personally identifiable information you provide to us is collected and used. Your personally identifiable information is removed before collected information is passed to the database we use to generate reports. Thus, business reports created by a CVS.com analyst are based on aggregate information and do not identify a particular customer. We store your personally identifiable information in the following situations:
Pharmacy Services for Prescriptions Delivered to Your Door: If you order prescriptions for delivery to your door, your health care provider, prescription insurance information, and medical profile information will be stored in Your Account. When you order prescription medications, we ask a few brief questions about your medical history. State and national boards of pharmacy require that we ask you for this information, which is used by our pharmacists to ensure that your prescriptions are properly dispensed.
Payment (Billing) Information: For all orders prescription and nonprescription, we ask for credit card information.
For nonprescription orders, we will bill your credit card for nonprescription items and any applicable shipping and handling charges.
For prescription orders, we will bill your prescription insurance company for the cost of your medications, and charge your credit card your co-payment and any applicable shipping and handling charges. If you do not use prescription insurance, we will charge your credit card the cash price for the medication and any applicable shipping and handling charges.
Storage: If you choose to create an online account, we will store billing and shipping information as a convenience to you for future purchases, and we will store information about your prescription and nonprescription orders for order tracking and status retrieval purposes.
If you choose to Shop as a Guest, we will only store your billing, shipping and contact information until the order has shipped.
Contact Information: CVS Caremark collects personally identifiable information at CVS.com from web visitors who are interested in receiving services it offers, such as prescription services, e-mail alerts, newsletters, and other notifications. CVS Caremark works with third-party providers to provide specific services offered on CVS.com, and may collect personal information as part of the provision of those services.
Email and Newsletters: CVS Caremark collects personally identifiable information at CVS.com from web visitors who are interested in receiving services it offers, such as prescription services, email alerts, newsletters, and other notifications. CVS Caremark works with third-party providers to provide specific services offered on CVS.com, and may collect personal information as part of the provision of those services.
In the event that CVS Caremark or some of our assets are sold or transferred or used as security or to the extent we engage in business negotiations with our business partners, the information collected on this Site may be transferred or shared with third parties as part of that transaction or negotiation. We may also provide information or provide access to information to any of our affiliated businesses or to our business partners or fulfillment houses.
If we are requested by law enforcement officials or judicial authorities to provide information on individuals, we may, without your consent, provide such information. In matters involving claims of personal or public safety or in litigation where the data is pertinent, we may use or disclose personal information without your consent or court process.
We may use information you submit to investigate security breaches or otherwise cooperate with authorities pursuant to a legal matter. We may also remove personally identifiable information and use remaining data for historical, statistical or business planning purposes.
In order to provide you with content and services that match your interests, CVS/pharmacy and CVS.com have relationships with third party companies to provide technology, services, and/or content under CVS/pharmacy and CVS.com branding. We also provide off-site links that we feel may be of interest to our customers.
Some of the services we offer through partnerships require registration or subscription to make them function properly. You are under no obligation to provide your information to these partners of CVS.com.. You may choose not to share your information with such partners by not using that service or viewing that content. When you register or subscribe to use one of these services, the information you provide may be collected and saved by the partner.
How We Keep Your Information Secure
We use state-of-the-art security measures to protect against the loss, misuse, and alteration of the information under our control. Specifically, we use Secure Socket Layer (SSL) technology for the areas of our site where we ask you to provide personally identifiable information. SSL technology provides for the safe transmission of personal information you give us because the information is encrypted. Encryption involves systematically scrambling numbers and letters so that if someone managed to intercept a packet of information, they would not be able to make sense of it. Although encryption slows the process of sending information across the Internet, it does provide better protection for your information.
You can tell you have entered a secured area when you look at the Universal Resource Locator (URL) in your browser's address bar and see that it has "https://" before the rest of the Web address. The "s" means that the page is hosted from a secured server. We use secured servers for our Registration/Membership and Sign In pages, Your Account pages, order processing pages, and special promotions. Unsecured pages have URLs that begin with "http://" (without the "s"). Most of our shopping aisles and health information areas are hosted from servers that do not use SSL. Since we do not collect personal information in these areas, using regular servers ensures a faster browsing experience.
You may on occasion encounter a standard warning that many browsers display when a visitor moves from a "secured" page to an "unsecured" page. When you encounter such a warning on our Web site, it usually means that you are moving from an "https://" to an "http://" page. If you see other browser warnings or error messages concerning the security of our site, please Contact Us. Include the specific wording you saw and where at CVS.com you encountered the message. Providing us with these details helps us to know if you have encountered a technical difficulty or a standard warning like the one described above.
If you use this site, you are responsible for maintaining the confidentiality of your access information and password and for restricting access to your computer and you agree to accept responsibility for all activities that occur under your password.
We will ask that any third parties to whom we may transfer your information take comparable steps to protect that security.
Reviewing our Web server logs and our customers' use of our site helps us to statistically monitor how many people are using our site and for what purpose. Only authorized CVS.com personnel have access to the Web server logs, cookie utilization data, and purchase history information collected by us. These employees are held to strict confidentiality and security policies and procedures.
Fraudulent Sites, Spam & Phishing
Please be aware that there may be fraudulent websites that illegally use CVS logos, and other aspects of the CVS brand. CVS is in no way associated with any fraudulent websites. These sites may circulate their presence on the internet via spam email, or through fraudulent phishing practices.
These sites have not been authorized by CVS to use our name and we work aggressively to identify their source and have them shut down. If you are in receipt of this type of spam email, to help protect your privacy you should avoid replying to it or forwarding it to other people.
In addition to our official websites, CVS works with a number of third party partners that host websites and micro-sites that provide information and services to our customers. All legitimate sites can be accessed from one of our official sites: www.cvs.com, www.cvscaremark.com, www.caremark.com, and www.cvs.com/photo. If you ever have reason to question whether a website or an email is fraudulent, please contact us by phone at 888-607-4287 with your concerns.
Spyware is a data collection technology that is downloaded to a consumer's personal computer which aids in gathering information about that person or organization without their knowledge. It can enter your computer as a software virus or as a result of installing a new program. It is used to gather information about your personal internet usage, monitor keyboard strokes or capture personal information for use by other parties.
CVS Caremark does not install any tracking software or spyware on your system, or collect personal information about you and your browsing habits. Any personally identifiable information gathered about users is with the consent of the user, and all possible uses for the data are outlined at the time the data is provided. We take the security of your personal information seriously, and work hard to maintain a safe and secure site for your use.
By registering and establishing an online account with CVS.com, you consent to the collection and use of the information detailed here.
We hope you'll agree to let us contact you with timely promotional offers. You can take yourself off our email list for promotional offers at any time by updating your Email Communications preference in your Account Profile in the My Account section.
You can request the removal or modification of your Personal Information by sending an email to the appropriate area under "Contact Us". You may also request that we not disclose your information. We will respond to accommodate your request in 30 days. It would be helpful to let us know the context in which you provided Personal Information.
By establishing a CVS.com account, you agree that it is your responsibility to:
• Authorize, monitor, and control access to and use of your CVS.com account, User ID and password.
• Promptly inform us of any need to deactivate a password or an account by calling Customer Care at (888)
If you have any questions or concerns about this statement, or about the way your information is collected and used, please Contact Us or call us toll-free at (888) 607-4287.
CVS Caremark Corporation
1 CVS Drive
Woonsocket, R.I. 02895