Rxilient Privacy Policy

Effective 24th April, 2026 until it is amended, updated, or superseded by a subsequent version.

This is Privacy Policy (“Policy”) explains how RXILIENT HEALTH PTE LTD and its subsidiaries (collectively the “RXILIENT”, “we”, “us”, or “our”) collect, use, disclose, and protect personal data. This Policy applies to all personal data you provided to us or that we collect when you access our websites, mobile applications, or services.

By using our websites, mobile applications, or services, or by providing personal data to us, you consent to the practices described in this Policy. If you do not agree, please refrain from providing personal data or using our services.

1. Personal Data We Collect

1.1 Data collected directly from you

When you use our website, interact with our staff, or use our services, we may collect personal data directly from you. This may include, but is not limited to: –

  • your contact information, including your (first and last) name, (billing and/or delivery) address, birthdate, email address and, your telephone number.
  • other information required to process orders or to provide services (product or service details, banking or payment information);
  • the preferences and interests stored in an online profile or account; and/or
  • details of any contact with our customer service team, including inquiries, complaints, and contact history.

1.2 Data collected by automated means

Various technologies may be used on our website and our mobile and web-based applications in order to make them more user-friendly, effective and secure. Such technologies may lead to data being collected automatically by us or by third parties on behalf of us. This data does not generally, but may, contain a user’s personal data. Examples of such technologies include:

A. Click-stream data: When you visit our websites, the information below may be collected:

  • the visitor’s IP address
  • the date and time of the visit
  • the referral URL (the site from which the visitor has come)
  • the pages visited on our website
  • information about the browser used (browser type and version, operating system, etc).

B. Cookies, web beacons, pixels, and similar tools: These help us store session information, maintain security, personalize your experience, measure website performance, and evaluate responses to communications or marketing. You may disable cookies via your browser settings, though some functionality may be affected.

C. Flash cookies. In certain cases, Adobe Flash or similar technologies may store information on your device that cannot be deleted through the browser. These can be managed according to instructions provided by the software provider.

D. Social plug-ins:When interacting with social media features (e.g., Facebook, Twitter), information about your activity may be shared with those platforms. Please refer to their privacy policies for details.

E. Location-based services:Certain services may use GPS or other location data to provide maps, directions, or location-specific features. You can choose to enable or disable these services.

F. Analytics. We may use analytics services such as Google Analytics to collect and analyze website and application usage data, including click-stream data and cookie information. These services may help us improve usability, content relevance and functionality. Analytics data may also be linked to your online profile where applicable.

G. Advertising and retargeting technologies: We or our business partners may use tracking technologies to display advertisements based on your browsing behavior. Such technologies collect non-personally identifiable information, and we do not store personal data with these tools.

Data collected by these automated means may be used to enhance user experience, deliver relevant content, improve services, detect and prevent fraud, and comply with legal or regulatory obligations. Some of these technologies may involve third-party providers who act on our behalf and are contractually required to protect your personal data in accordance with this Policy.

1.3 Data collected from other sources

Where permitted by law, we may collect personal data from public databases, social media platforms, or third parties who provide services to RXILIENT, such as verifying professional licensure or other credentials.

1.4 Sensitive Information and Health Data

In addition to the categories described above, we may collect sensitive information as defined under applicable local laws. This may include:

  • Certain characteristics of protected classifications (e.g., race, gender, age, disability).
  • Precise geolocation data.
  • Account login credentials and passwords.
  • Health information, including health data as described below.
  • Financial information.

Depending on the service or product you use, we may also process health data to identify your past, present, or future physical or mental health status. Examples include:

  • Information about health conditions, symptoms, diseases, diagnoses, tests, treatments, surgeries, procedures, use or purchase of medications, or other social, psychological, behavioral, or medical interventions.
  • Measurements of bodily functions, vital signs, symptoms, or other health characteristics.
  • Information regarding gender-affirming care or reproductive or sexual health.
  • Data that could identify you as an individual seeking healthcare services.
  • Any inferences derived from non-health related information that relate to the above categories.

Sensitive information and health data may be shared within RXILIENT and with service providers, professional advisors, or regulatory and government authorities, only as necessary to provide services, comply with legal obligations, or maintain the security and functionality of our operations. All such parties are contractually required to protect personal data in accordance with this Policy.

1.5 Data Minimization

RXILIENT collects only the personal data necessary to fulfil the purposes described in this Policy. We limit the collection, use, and disclosure of personal data to what is reasonably required for providing our products, services, and related business operations, or as otherwise permitted by law.

2. How personal data is used

2.1 Serving You

We use your personal data primarily to:

  • provide you with the requested products and/or services;
  • notify you of order or service status;
  • ensure that your transactions on our websites are safe and secure;
  • contact you for feedback after a sale of a product or service;
  • respond to inquiries or complaints;
  • resolve any issues you may encounter in relation to our products and/or services; and/or
  • Provide you with newsletters, articles, alerts, announcements, invitations and other information about products, brands, health topics and disease states.

2.2 Business Purpose

We may also use your personal data for purposes relevant to RXILIENT’s business operations, which include:

  • complying with legal and regulatory obligations;
  • enforcing obligations owed to RXILIENT;
  • researching and developing new products and/or services or improving existing products and/or services;
  • staff training, accounting, risk management, compliance and record keeping purposes; and
  • statistical analysis, research, and planning for business operations.

 2.3 Marketing and Communications

With your consent, we may use your personal data to provide marketing information regarding products and services offered by RXILIENT or its strategic partners, including newsletters, special offers, promotions or events. To make marketing more relevant, we may analyze your interactions with us, such as:

  • shopping behaviour in e-shops
  • your use of loyalty programmes
  • your ratings and reviews of products
  • your contact history with our customer service
  • newsletter engagement (clicks and opening)
  • participation in promotions or events
  • your interactions with us and/or your use of (mobile) applications.

We may contact you using mail, fax, email, SMS, telephone, or other electronic means. You may withdraw consent or opt out of marketing communications at any time.

2.4 Validation of Eligibility to Access Products, Services and Information

Certain products, services, or information we offer may only be suitable for, or accessible to, individuals who meet specific eligibility or professional criteria. Where applicable, we may verify that you meet such criteria using information collected directly from you or from third-party sources. For example, some professional materials or product information may be intended only for licensed healthcare professionals, authorized distributors, or other designated users.

2.5 Special Programs, Promotions, and Events

From time to time, RXILIENT may offer special programs, activities, events, or promotions (“Special Programs”). Each Special Program may have specific terms, privacy notices, or consent requirements that explain how personal data you provide in connection with the program will be collected, used, and disclosed. We recommend that you review the relevant terms before participating in any Special Program.

2.6 Handling Complaints and feedback

If you have contacted us with any complaints, feedback, comments, suggestions, we may use your personal data (including your contact history) to respond and provide  the best service possible. If you request anonymity in a complaint, we will endeavour to protect your identity, although it may not always be feasible to process the complaint anonymously.

2.7 Anonymized and Aggregated Data

Personal data may also be anonymized or aggregated for analysis, research, planning or statistical purposes. In these cases, individual identification is not possible. 

2.8 Other Purposes

If we need to use your personal data for purposes not described above, we will notify you and obtain your consent beforehand.

3. Disclosure of information

RXILIENT does not sell your personal data.

3.1 Disclosure with Consent

We will only disclose your personal data to third parties where you have provided us consent, and in the situations expressly set out in in this Policy. If you have consented to receiving marketing information from us, our strategic partners and/or business associates, we will be disclosing your personal data to them.

3.2 Internal Sharing Within RXILIENT

Your personal data may be shared among RXILIENT and its subsidiaries to allow us to provide the products and services you have requested.

3.3 Service Providers and Professional Advisors

We may engage third-party companies or individuals to perform services on our behalf (“Providers”). Providers may have access to personal data, including through cookies, pixels, or similar technologies, to perform their functions. These services may include, for example, website hosting and maintenance, data analysis, email messaging, delivery services, payment processing, and verification of solvency or address.

In addition, we may share personal data with professional advisors such as accountants, lawyers, and auditors, as well as other parties assisting us in handling customer inquiries or correspondence, including complaints sent to our office. All such parties are required to use and protect your personal data in accordance with this Policy.

 3.4 Website Functionalities and Sharing

Personal data may be disclosed to comply with legal obligations or industry requirements. This includes disclosures to regulatory, governmental, tax, or law enforcement authorities, or where otherwise required by law.

3.6 Disclosure Within Our Family of Companies

Personal data may be shared among RXILIENT and its subsidiaries for the purposes described in this Policy, including providing products, services, and support.

3.7 Business Transfers

In the event that RXILIENT sells, merges, or transfers a business unit, subsidiary, or assets (including websites or other digital services) to another company, personal data may be transferred to the new entity. We will require that the recipient use and protect personal data in a manner consistent with this Policy. This also applies to companies formerly part of RXILIENT to which we provide transitional services.

3.8 Compliance with Legal Obligations

We may disclose personal data when required by law or when we believe disclosure is necessary to comply with a regulatory requirement, court order, government request, or legal process. Personal data may also be disclosed to protect the safety, rights, or property of our customers, the public, RXILIENT, or others.

4. Retention of Personal Data

We will retain your personal data for as long as necessary to fulfil the purposes for which it was collected, to comply with legal obligations, resolve disputes, and enforce agreements. The criteria used to determine retention periods include:

  • The length of our ongoing relationship with you and provision of services;
  • Legal or regulatory obligations that require us to retain certain information;
  • Business needs or potential disputes that may require us to retain data.

When your personal data is no longer required for these purposes, we will securely delete, anonymize, or destroy it in accordance with applicable law.

5. Your rights

5.1 Subject to applicable laws and certain exceptions, you have the following rights with respect to your personal data, free of charge:

  • Access: You may request access to personal data that we hold about you and information about how it has been used or disclosed. Subject to applicable law, we may charge a reasonable administrative fee for responding to such requests and may decline requests that are manifestly unfounded, excessive, or repetitive.
  • Correction: You may request that we correct any inaccurate or incomplete personal data by providing necessary supporting documents.
  • Deletion: You may request that we delete your personal data where permitted by law.
  • Withdrawal of Consent: You may withdraw any consent you have previously provided to RXILIENT for processing personal data, including for marketing or promotional purposes. Please note that withdrawing consent may affect our ability to provide you with certain products or services.
  • Information: You may request information on how we process your personal data, including:
    • Categories of personal data collected;
    • Sources of personal data;
    • Business purposes for collection;
    • Third parties with whom we have disclosed your personal data; and
    • Categories of personal data shared for business purposes.

5.2 Submitting Requests

To exercise your rights, please contact us at admin@rxilient. We may ask for information to verify your identity and protect against fraudulent requests. Authorized agents may submit requests on your behalf with proper proof of authorization.

5.3 Authorized Representatives

You may authorize another person to act on your behalf to submit a request concerning your personal data. RXILIENT may require proof of authorization, such as a signed letter of consent or other documentation, to ensure the request is valid.

5.4 Right to Complain

If you believe RXILIENT has mishandled your personal data or has not complied with this Policy, you have the right to lodge a complaint with RXILIENT. All complaints will be evaluated by us in a timely manner. After the evaluation, we will respond to the person who submitted the complaint or feedback, with the results of the evaluation.

5.5 Limitations

RXILIENT may be prevented by law from complying with certain requests or may be required to retain personal data for legal or regulatory reasons. In such cases, we will inform you of the limitation and the applicable legal basis.

6. Miscellaneous / Other Information

6.1 Cross-Border Transfers
Our websites and services may be operated from locations outside Singapore, including countries that may not provide the same level of personal data protection as Singapore. By using our websites or services, you acknowledge that your personal data may be stored, processed, or accessed in such locations. RXILIENT will handle your personal data in accordance with this Policy, regardless of where your personal data is stored or accessed. If you are visiting from outside Singapore, please note that the laws protecting personal data in your country may differ from those in Singapore.

6.2 Children
Our websites and services are not directed to individuals under the age of thirteen (13), and we do not knowingly collect personal data from children under the age of 13. If we learn we have inadvertently collected data from a child under 13, we will delete it promptly.

6.3 Policy Updates
We may update this Privacy Policy from time to time. Any changes will take effect when we post the revised Policy on our website. If changes significantly affect how we process your personal data, we will provide notice or obtain consent where required. Minor updates that do not materially affect the use of personal data may be made without notice. We encourage you to periodically review this page for the latest information on our privacy practices.

6.4 Privacy Officer Contact

For any questions regarding this Privacy Policy or to exercise your individual rights, you may contact our Privacy Officer:

Rxilient Health Pte. Ltd.
1 Coleman Street #08-01, The Adelphi,
Singapore 179803
Email: [email protected]

We will respond to your inquiries in accordance with applicable laws.

7. Security

We endeavor to take precautions to ensure that the information you have provided is protected against unauthorised or unintended use, access or disclosure. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Disclaimer

To the maximum extent permitted by law, RXILIENT shall not be liable for any indirect or consequential damages arising from unauthorized or unintended use, access, or disclosure of your personal data.