Effective June 25, 2026. Template — not legal advice; pending counsel review.
FlaggedRx ingests public, non-personal regulatory data about firms, facilities, products, and batches. Where a source notice incidentally contains personal contact details, we redact them (email, phone, named contacts) before surfacing or storing. We do not knowingly build profiles of individuals.
If you submit your email (lead capture) or create an account, we store that email and your plan/usage to operate the service and contact you. We use a payment processor (Stripe) for billing; we do not store card numbers.
To provide the service, send the alerts/digests you request, and improve coverage. We do not sell personal data.
If you are in the EEA/UK or India, you have rights to access, correct, or delete your personal data; contact privacy@flaggedrx.com. Our lawful basis is performance of a contract and legitimate interest in operating a B2B tool. The regulatory content itself is public-sector information; personal records within it are redacted, not resold.
We retain account/lead data while your relationship with us is active and as needed for legal obligations, then delete or anonymize it. We apply reasonable technical safeguards; no system is perfectly secure.