EasyMD.Net: Your Guide to Pharmaceuticals
  1. Home
  2. Data Protection

Data Protection

Ethan Gregory 4/09/23

Controller and Contact Information

This notice describes how EasyMD.Net: Your Guide to Pharmaceuticals (easymd.net) processes personal data as controller.

Controller: Ethan Gregory, 201 S Estes Dr, Chapel Hill, NC 27514, United States of America.

Contact Email: [email protected].

We are not required to appoint a Data Protection Officer; however, all privacy inquiries should be directed to the Controller at the email address above.

Scope and Applicability

This notice applies to the processing of personal data collected through easymd.net and related communications. It is intended to meet requirements under the European Union General Data Protection Regulation (GDPR) for users in the EU/EEA and under applicable United States privacy laws, including the California Consumer Privacy Act (as amended by CPRA) and similar state laws.

EasyMD.Net is an informational resource and is not a covered entity under HIPAA. We do not require you to submit protected health information to use our site.

Categories of Personal Data We Process

Information you provide to us

  • Identifiers and contact details: name, email address, postal address, and similar information provided via contact forms, newsletter sign-ups, or correspondence.
  • User submissions: comments, inquiries, feedback, and other content you choose to provide.
  • Optional information: any health-related or other sensitive information you voluntarily include in free-text fields.

Information collected automatically

  • Technical and usage data: IP address, device identifiers, browser type, operating system, referring URLs, pages viewed, time and date of visits, and clickstream data.
  • Cookies and similar technologies: identifiers associated with your device or browser, preferences, and analytics data.
  • Approximate location inferred from IP address.

Information from third parties

  • Service providers: analytics, hosting, and email delivery providers may provide aggregated or pseudonymized insights.
  • Publicly available sources or social channels if you interact with our content there.

Purposes and Legal Bases for Processing (GDPR)

  • Provide and operate the website, including troubleshooting and support (legal bases: performance of a contract or legitimate interests).
  • Respond to inquiries and communicate with you (legal bases: legitimate interests or consent, where required).
  • Send newsletters or updates where you have subscribed (legal basis: consent; you may withdraw at any time).
  • Personalize content and remember preferences (legal bases: consent or legitimate interests, depending on the jurisdiction and the cookie type).
  • Measure and improve site performance and understand audience engagement via analytics (legal bases: consent or legitimate interests, depending on the jurisdiction and the cookie type).
  • Maintain security, prevent fraud, and detect misuse (legal bases: legitimate interests and legal obligations).
  • Comply with legal obligations, exercise or defend legal claims (legal basis: legal obligation or legitimate interests).
  • Business continuity and corporate transactions, such as mergers or asset transfers (legal basis: legitimate interests).

Special Category Data and Health Information

We do not require special category data (including health information) to use our services. Please avoid submitting sensitive information in free-text fields. If you choose to provide such data, we will process it only with your explicit consent or if it has been manifestly made public by you. EasyMD.Net provides general informational content and does not offer medical diagnosis or treatment.

Cookies and Similar Technologies

We use cookies and similar technologies to operate the site, remember preferences, perform analytics, and, where applicable, to support marketing. You may control cookies through your browser settings and, where offered, our on-site consent tools. Essential cookies are necessary for the website to function and cannot be disabled via our tools.

We do not respond to Do Not Track signals. Where technically feasible, we honor recognized browser-based opt-out signals such as Global Privacy Control for choices related to sale/share and targeted advertising under applicable U.S. state laws.

Do Not Sell or Share My Personal Information (U.S.)

We do not sell personal information for monetary consideration. If we engage in practices that constitute “sharing” for cross-context behavioral advertising under the CPRA or similar state laws, you may opt out via available site controls or by contacting us at [email protected]. We will also honor supported Global Privacy Control signals.

Data Sharing and Recipients

We share personal data with:

  • Service providers acting on our behalf (e.g., hosting, security, analytics, email delivery, customer support), bound by contractual confidentiality and data protection obligations.
  • Professional advisors (e.g., legal and accounting) under confidentiality.
  • Authorities, regulators, or law enforcement when required by law or to protect rights and safety.
  • Third parties in connection with corporate transactions, subject to appropriate safeguards.

International Data Transfers

We process and store data primarily in the United States. Where GDPR applies and data is transferred from the EU/EEA or UK to countries without an adequacy decision, we rely on appropriate safeguards such as Standard Contractual Clauses and implement supplementary measures as needed. You may contact us to obtain more information about these safeguards.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this notice, including to comply with legal, accounting, or reporting obligations, resolve disputes, and enforce agreements. Retention periods vary by data category and context; when no longer necessary, data will be deleted or anonymized.

Security

We implement technical and organizational measures designed to protect personal data, including encryption in transit, access controls, and monitoring. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

Your Rights Under the GDPR

  • Right of access to your personal data and information about processing.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure (right to be forgotten) in applicable circumstances.
  • Right to restriction of processing in applicable circumstances.
  • Right to object to processing based on legitimate interests or for direct marketing.
  • Right to data portability for data you provided to us, where technically feasible.
  • Right to withdraw consent at any time, without affecting processing prior to withdrawal.
  • Right to lodge a complaint with an EU/EEA supervisory authority. You may also contact us for assistance.

United States State Privacy Rights

Residents of certain U.S. states (including California, Virginia, Colorado, Connecticut, and Utah) may have rights to: know/confirm whether we process personal information; access and obtain a copy of personal information; correct inaccuracies; delete personal information; receive personal information in a portable format; and opt out of sales, targeted advertising, or certain profiling. Where applicable, you may also request to limit the use and disclosure of sensitive personal information; we do not use sensitive information to infer characteristics about you.

We will not discriminate against you for exercising your privacy rights.

Exercising Your Rights and Verification

To exercise GDPR or U.S. state privacy rights, contact us at [email protected]. We may need to verify your identity by requesting information that reasonably confirms your identity and residency. Authorized agents may submit requests on your behalf where permitted by law, subject to verification and proof of authorization.

We aim to respond within 30 days for GDPR requests and 45 days for U.S. state requests (extendable as permitted by law). If we deny a request under U.S. state law, you may appeal by emailing [email protected] with the subject line “Privacy Request Appeal.”

Children’s Data

Our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it. For California residents aged 13–16, we do not knowingly sell or share personal information without affirmative authorization.

Automated Decision-Making and Profiling

We do not engage in solely automated decision-making that produces legal or similarly significant effects. We may use limited profiling for analytics and to improve content relevance, subject to your consent where required.

Changes to This Notice

We may update this notice to reflect changes in our practices or legal requirements. Material changes will be indicated by updating the effective date below. Continued use of our services after changes indicates your acknowledgment of the revised notice.

Effective Date

August 21, 2025

About the Author

Ethan Gregory
Ethan Gregory

My name is Ethan Gregory and I'm a recognized expert in the pharmaceutical industry based in Melbourne, Australia. My work primarily involves researching and developing new medications. Also, I have a keen interest in exploring the effects and efficacy of dietary supplements and advancements in disease treatments. In my leisure, I often convert my discoveries and knowledge into written form, aiming to educate others about medication, diseases, and supplements.

Write a comment