Skip to content
MedGrid
Home
For Doctors
503A peptides, GLP-1s, peer forum, peer calls
For Vendors
ShipStation + Shopify 1-click connect, live tracking
For Sales Teams
QR referrals, team scoreboard, commission tracking
MSO Membership
Member pricing, rewards, protocol pack
Browse the full marketplace
Partners Affiliates About
⌘K
Log in Join as a Doctor
Home
Solutions
For Doctors For Vendors For Sales Teams MSO Membership
Partners Affiliates About Help Contact
Log in Join as a Doctor
← Legal & Compliance Center Legal

Privacy Policy

MedGrid, LLC · Updated June 10, 2026

On this page

    Effective Date: June 10, 2026

    This Privacy Policy explains how MedGrid, LLC ("MedGrid," "we," "us," or "our") collects, uses, discloses, and protects information in connection with the MedGrid platform, websites, and related services (the "Services"). By using the Services, you agree to this Privacy Policy. If you do not agree, do not use the Services.

    Relationship to HIPAA. When MedGrid handles protected health information on behalf of a physician, clinic, or other covered entity, MedGrid acts as a business associate under the Health Insurance Portability and Accountability Act ("HIPAA"), and that information is governed by HIPAA and the applicable Business Associate Agreement rather than this Privacy Policy. This Privacy Policy governs information that is not protected health information subject to a Business Associate Agreement.

    1. Information We Collect

    We collect the following categories of information:

    • Account and contact information: name, email address, telephone number, mailing address, and login credentials.
    • Professional and credentialing information: for physician and provider users, National Provider Identifier, DEA registration, state license information, practice details, and related verification data.
    • Transaction and payment information: orders, order history, billing details, and payment information processed through our third-party payment processors. We do not store complete payment card numbers.
    • Health-related information: information you or your provider submit in connection with orders, protocols, or outcomes. Where this information constitutes protected health information that we handle on behalf of a covered entity, it is governed by HIPAA and the applicable Business Associate Agreement.
    • Device and usage information: IP address, device identifiers, browser type, pages viewed, and similar analytics data collected automatically when you use the Services.
    • Cookies and similar technologies: as described in Section 7.

    2. How We Use Information

    We use information to: provide, operate, and improve the Services; create and manage accounts and verify provider credentials; process and fulfill orders; provide customer support; communicate with you about the Services; maintain the security and integrity of the Services; comply with legal, regulatory, and contractual obligations; and, where permitted, conduct research and analytics using de-identified information. We do not use protected health information except as permitted by the applicable Business Associate Agreement and HIPAA.

    3. How We Share Information

    We may share information as follows:

    • Service providers: vendors that perform services on our behalf, such as hosting, payment processing, analytics, and communications, under contractual confidentiality and data-protection obligations.
    • Pharmacies and product vendors: as necessary to fulfill orders you place through the Services.
    • Affiliates: entities under common ownership with MedGrid, for the purposes described in this Privacy Policy.
    • Legal and safety: to comply with law, legal process, or governmental request, to enforce our agreements, and to protect the rights, property, or safety of MedGrid, our users, or others.
    • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to appropriate confidentiality protections.
    • De-identified information: we may share or license information that has been de-identified in accordance with 45 C.F.R. Section 164.514(b) for research, protocol development, and analytics.

    We do not sell your personal information or your health information for monetary consideration, and we do not use or disclose protected health information for marketing, except as permitted by HIPAA and pursuant to a valid authorization.

    4. California Privacy Rights

    If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the "CCPA"), provides you the right to know what personal information we collect, use, disclose, and (if applicable) sell or share; the right to request deletion; the right to correct inaccurate personal information; and the right not to be discriminated against for exercising these rights. We do not sell or share personal information as those terms are defined under the CCPA. To exercise these rights, contact us using the information in Section 11.

    California Confidentiality of Medical Information Act. Medical information about California residents is also protected by the California Confidentiality of Medical Information Act (Cal. Civ. Code Sections 56 to 56.37), which restricts the disclosure of medical information without authorization and which may provide additional rights and remedies.

    5. Washington Consumer Health Data

    If you are a Washington resident, the Washington My Health My Data Act (RCW 19.373) governs consumer health data that is not regulated by HIPAA. Our collection, use, and sharing of such consumer health data, and the rights available to you (including the rights to access, withdraw consent, and request deletion), are described in our separate Consumer Health Data Privacy Policy, which is incorporated by reference into this Privacy Policy.

    6. Other U.S. State Privacy Rights

    Residents of certain other states may have rights to access, correct, delete, or obtain a copy of their personal information, and to opt out of certain processing, under applicable state privacy laws. To exercise any such right, contact us using the information in Section 11. We will verify and respond to requests as required by applicable law.

    7. Cookies and Tracking Technologies

    We and our service providers use cookies, pixels, and similar technologies to operate the Services, remember your preferences, measure usage, and improve the Services. You can control cookies through your browser settings, although disabling cookies may affect the functionality of the Services. We respond to recognized opt-out preference signals where required by applicable law.

    8. International Users

    The Services are intended for users located in the United States. We do not intend to offer the Services to, or collect personal data from, individuals located in the European Economic Area, the United Kingdom, or other jurisdictions whose data-protection laws would apply to such processing. If you access the Services from outside the United States, you do so on your own initiative and are responsible for compliance with local law, and you consent to the transfer and processing of your information in the United States.

    9. Children's Privacy

    The Services are not directed to, and we do not knowingly collect personal information from, individuals under the age of eighteen (18). If we learn that we have collected personal information from a person under eighteen (18), we will delete it. Where a parent or legal guardian holds an account on behalf of a minor for a permitted purpose, the guardian is responsible for that account and the information submitted through it. If you believe a minor has provided us personal information, contact us using the information in Section 11.

    10. Data Security and Retention

    We maintain administrative, physical, and technical safeguards designed to protect information against unauthorized access, use, alteration, and destruction. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. We retain information for as long as necessary to provide the Services, comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements, after which we delete or de-identify it.

    11. Changes to This Policy; Contact Us

    We may update this Privacy Policy from time to time. We will post the updated policy with a revised effective date and, where required by law, provide additional notice. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.

    If you have questions about this Privacy Policy or wish to exercise your rights, contact us at:

    MedGrid, LLC

    MedGrid, LLC, 1691 Michigan Ave, Ste 360, Miami, Florida, USA

    privacy@medgrid.com

    MedGrid

    The verified medical marketplace for licensed clinicians — one platform connecting manufacturers, distributors, and practices with a transparent, compliant supply chain.

    Platform
    • Marketplace
    • For Doctors
    • For Vendors
    • For Sales Teams
    • MSO Membership
    • Developer API
    • Vendor Guide
    • Customer Guide
    Resources
    • Learn
    • Help Center
    • Clinician Guide
    • Compliance
    • Contact Support
    Company
    • About MedGrid
    • Partners
    • For You
    • Join as a Doctor
    • info@medgrid.com
    • 888-415-2175

    MedGrid is a marketplace for licensed healthcare professionals. Access to pharmacy and restricted product categories requires verified credentials (NPI, and where applicable state license or DEA registration). Product availability and regulatory requirements vary by US federal law, by individual US state, and by international jurisdiction — verify the rules that apply to your practice location before ordering. Nothing on this site is medical advice.

    © 2026 MedGrid, LLC. All rights reserved.
    Privacy Terms Consumer Health Data Returns & Refunds Privacy Practices (HIPAA) Legal Center Compliance