Privacy Policy

Effective Date: January 1, 2025

OptimSync, Inc. ("OptimSync," "our," "we," or "us") is a healthcare technology company. We build software and provide services that help pharmacies, covered entities, and healthcare organizations manage compliance and optimize participation in the 340B Drug Pricing Program and related initiatives ("Customers").

We are committed to respecting and protecting the privacy of the information we maintain. As part of our agreements with our Customers, we may obtain information from and about healthcare providers, pharmacies, goverment agencies, and other persons and entities with which our Customers do business ("Customers' Business Partners"). Some of this information may include information about individuals maintained and/or processed by our Customers or their Business Partners. In these circumstances, we act as a service provider to our Customers, and our ability to process this data is governed by our contracts with our Customers.

We may also collect personal information from individuals who simply browse our websites and applications ("Visitors"). This Privacy Policy ("Privacy Policy" or "Policy") describes our privacy practices with respect to the personal information we collect and/or process when you interact with us, including through OptimSync.com and related applications (collectively, the "Sites"), when you communicate with us, schedule or engage in a demo, and through other interactions (collectively, the "Services"). By using or accessing our Sites and Services in any manner, you agree that we may collect, use, and share personal information about you as described below. This Privacy Policy does not cover data that we collect regarding job applicants, employees, contractors, or other OptimSync personnel.

Use of our Sites and Services is always subject to our applicable Terms of Service, which incorporate this Privacy Policy. We may update this Policy at our discretion. If material changes are made, we will notify you by posting the new Privacy Policy on the Sites and updating the effective date. Please check back regularly for updates.

1. Notice at Collection: Personal Information We Collect

We may collect the following categories of personal information:

• Personal identifiers: name, business or billing address, email address, account name and password, phone number.
• Commercial information: records of services or products purchased or considered, information related to 340B claims, rebates, or payments, information about healthcare services purchased, dispensed, or billed.
• Internet/electronic activity: IP address, operating system, browser type, date and time of visit, pages visited, and related browsing activity.
• Professional information: job title, role, business contact details.
• Audio/visual information: recordings of customer service calls or demo sessions.
• Inferences: drawn from personal information we collect to tailor our Services.
• Sensitive personal information: information submitted on a claim form or healthcare-related transaction (not including Protected Health Information regulated by HIPAA, which is governed by separate agreements where applicable)

2. Notice at Collection: Purposes for Collection of Personal Information

We collect and use personal information to:

• Provide the Sites and OptimSync's Services.
• Communicate with Customers and Business Partners
• Administer, improve, and secure our Sites and systems.
• Facilitate product and service development.
• Market and advertise our Services.
• Comply with laws, enforce our policies, and protect our rights.
• Prevent fraud and monitor for unlawful or prohibited activities.

3. Notice at Collection: Categories of Personal Information We Sell or Share for Targeted Advertising

OptimSync may engage in digital advertising practices that qualify as a "sale" or "sharing" under some privacy laws. This may include:

• Personal identifiers: such as IP address.
• Internet/electronic activity: browsing data.

We allow third-party advertising and analytics providers to place cookies or tracking technologies on our Sites to enable targeted advertising.

To opt out of such practices, submit a Data Rights Request or contact us at info@optimsync.com.

We do not sell or share other categories of personal information.

4. Retention of Personal Information

We retain collected personal information for as long as necessary to provide our Services, comply with legal obligations, or protect our legal rights.

5. Sources of Personal Information

We collect information directly from Customers, Visitors, and representatives of organizations with which we do business.

6. Use or Disclosure of Sensitive Personal Information

We do not use or disclose sensitive personal information for purposes other than providing Services or as otherwise permitted by law.

7. Disclosure of Personal Information in the Past 12 Months

We may have disclosed the following categories of personal information to service providers, contractors, Customers, and Business Partners for legitimate business purposes:

• Personal identifiers.
• Commercial or financial information.
• Internet/electronic activity.
• Professional information.
• Audio/visual information.
• Inferences.
• Sensitive personal information (limited to claims-related data).

Business purposes include: account management, processing payments, fraud prevention, advertising, analytics, IT security, and legal compliance.

8. Our Use of Cookies and Analytics

We use cookies, tracking pixels, and analytics tools to:

• Recognize you when you return.
• Track usage patterns on our Sites.
• Measure the effectiveness of communications.
• Deliver relevant marketing and advertising.

We may partner with third-party providers (e.g., Google Analytics, LinkedIn, ZoomInfo, Cloudflare, etc.) to provide analytics and advertising services.

9. Personal Information of Minors

For questions regarding these Terms, please contact:

10. Do-Not-Track Requests

Our Sites currently do not respond to "Do Not Track" browser signals.

11. Third-Party Sites

Our Sites may contain links to third-party websites. We are not responsible for their privacy or security practices.

12. Security

We use reasonable safeguards to protect personal information. However, no system is completely secure, and we cannot guarantee absolute security.

13. Privacy Requests

You may exercise your privacy rights or submit questions by contacting us at info@optimsync.com. If OptimSync acts as a service provider, we may redirect your request to the appropriate Customer.

14. Accessibility

We are committed to making our communications accessible. To request this Policy in an alternative format, please contact us at info@optimsync.com.

15. International Users

Our Sites are hosted in the United States and are intended for U.S. users. If you access our Services from outside the U.S., you consent to the transfer of your data to the United States.

16. Contact Us

For questions or concerns, please contact:

OptimSync, Inc.

info@optimsync.com

17. Updates to this Privacy Policy

We may update this Policy from time to time by posting a revised version on our Sites. Continued use of our Services constitutes acceptance of the updated Policy.