HOCKADAY RX | PRIVACY POLICY — Effective April 1, 2026 | Last Updated: April 2026
Hockaday Rx, LLC (“Hockaday Rx,” “we,” “our,” or “us”) is a pharmacist-led sports pharmacy consulting practice formed in April 2026, based in Inglewood, California. We are committed to protecting your privacy and handling your information with care, transparency, and compliance with applicable law, including HIPAA where applicable.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (www.hockadayrx.com), book a consultation, submit a question through our Ask the Pharmacist feature, subscribe to The Scoop newsletter, or otherwise interact with us. By using the Site or Services, you consent to the data practices described in this Privacy Policy. If you do not agree, please do not access or use the Site or Services.
1. Information We Collect
1.1 Information You Provide Directly
When you contact us, book a consultation, or engage our services, you may provide:
Account Creation and Consultation Booking:
Name, email address, phone number, and mailing address
Date of birth
Athletic information (sport, competition level, training goals)
Payment information — processed by third-party payment processors; we do not store full payment card numbers
Consultation and Service Delivery:
Medical history and current health conditions
Current medications (prescription and over-the-counter) and dietary supplements
Allergies and adverse reactions
Athletic performance data (training schedule, competition dates)
Therapeutic Use Exemption (TUE) documentation and anti-doping testing history
Goals and performance objectives
Ask the Pharmacist Feature:
Questions may be submitted anonymously or with contact information at your discretion
We do not require account creation or health disclosure for general inquiries
Submitted questions may be reviewed by our pharmacist and published in anonymized, educational form unless you request otherwise
Communications and Downloadable Resources:
Email correspondence, feedback, reviews, and survey responses
Email address and optional name when downloading free guides, checklists, or research materials
1.2 Information Collected Automatically
When you access the Site, we and our service providers automatically collect:
IP address, browser type and version, operating system, and device type
Pages visited, time spent on pages, referring website, and navigation patterns
Date and time of visit
Cookies and similar tracking technologies (see Section 7)
1.3 Information from Third Parties
We may receive information from platforms that support our operations, including Acuity Scheduling (appointment booking), Klaviyo (email marketing), Google Analytics (site analytics), and social media platforms if you interact with our content there.
2. How We Use Your Information
Service Delivery:
Schedule and conduct pharmacist consultations; perform supplement analysis and medication reviews
Provide WADA and anti-doping compliance guidance
Respond to Ask the Pharmacist inquiries
Develop personalized performance protocols and send appointment communications
Process payments and maintain transaction records
Communication and Marketing:
Respond to inquiries and deliver The Scoop newsletter and educational content (with your consent)
Notify you about new services, community events, and clean sport programming
You may opt out of marketing communications at any time (see Section 9)
Site Operations and Compliance:
Analyze Site usage and improve functionality and user experience
Monitor Site security and identify technical issues
Comply with legal obligations, including HIPAA where applicable
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
3. Protected Health Information (PHI) and HIPAA
3.1 When HIPAA Applies
If you engage in a paid pharmacist consultation involving medical history, medications, or health conditions, information you share may constitute Protected Health Information (PHI) subject to HIPAA. In those instances, we implement HIPAA-compliant safeguards including:
Encrypted cloud storage with access controls limited to authorized personnel
Secure communications for consultations
Business Associate Agreements (BAAs) with third-party vendors that handle PHI
Staff training on HIPAA privacy and security requirements
3.2 Your HIPAA Rights
If your information is subject to HIPAA, you have the right to access and receive a copy of your PHI; request corrections to inaccurate information; request an accounting of disclosures of your PHI; request restrictions on how we use or disclose your PHI; and request communications via alternative means.
A separate Notice of Privacy Practices (NPP) is available upon request and will be provided to clients receiving pharmacist consultation services.
HIPAA Privacy Officer: Brandon Hockaday, PharmD — brandon@hockadayrx.com
3.3 When HIPAA Does Not Apply
HIPAA protections do not apply to general website visitors who have not engaged in paid consultations, users who download free resources without providing health information, questions submitted through Ask the Pharmacist without a formal consultation agreement, or publicly available educational content on the Site.
4. How We Share Your Information
4.1 Service Providers
We share information with trusted third-party vendors who perform services on our behalf, including:
Payment processors (Stripe, Square, or similar) — transaction facilitation
Acuity Scheduling — appointment booking and confirmation
Klaviyo — email marketing and newsletter delivery
Squarespace — website hosting and infrastructure
Google Analytics — aggregated site usage analytics
Cloud storage providers — secure document and record storage
These providers are contractually required to protect your information and may only use it to perform services for us. Where PHI is involved, we execute Business Associate Agreements (BAAs) as required by HIPAA.
4.2 Legal Requirements
We may disclose your information as required by law, including to comply with a subpoena, court order, or government request; to investigate fraud or violations of our Terms of Use; or to protect the rights, property, or safety of Hockaday Rx, our clients, or the public.
4.3 Business Transfers
If Hockaday Rx is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and your rights.
4.4 With Your Consent
We may share your information with third parties when you provide explicit consent, such as sharing testimonials publicly (with your permission), coordinating care with your physician (with your authorization), or referring you to partner organizations.
4.5 Aggregated or De-Identified Data
We may share aggregated or de-identified information that cannot reasonably be used to identify you, such as statistical data about Site usage or research findings based on anonymized data.
5. Data Retention
We retain personal information for as long as necessary to provide our services and comply with applicable law:
Healthcare records (PHI): 7 years from the date of last service, per California law and HIPAA requirements
Payment and billing records: 7 years (for tax and accounting purposes)
Appointment scheduling records: 3 years
Email marketing lists: until you unsubscribe or request deletion
Website analytics: aggregated data retained indefinitely; IP addresses anonymized after 26 months
Legal holds: retained until the matter is resolved if subject to legal proceedings
You may request deletion of your personal information at any time (see Section 9). We may retain certain information as required by law, to complete transactions, resolve disputes, or enforce agreements.
6. Data Security
6.1 Security Measures
We implement administrative, technical, and physical safeguards to protect your information, including SSL/TLS encryption for data transmission; encrypted storage of sensitive data; access controls and authentication; regular security updates and patches; staff training on privacy practices; confidentiality agreements with employees and contractors; and secure disposal of physical records.
6.2 No Guarantee of Security
While we take reasonable measures to protect your information, no internet transmission or electronic storage system is completely secure. You acknowledge and accept this inherent risk when using the Site or Services.
6.3 Data Breach Notification
In the event of a data breach involving your personal information, we will notify you in accordance with applicable laws, including HIPAA breach notification requirements (within 60 days of discovery) and California’s data breach notification statute.
7. Cookies and Tracking Technologies
Our website uses cookies and similar technologies to enhance your experience and gather analytics:
Strictly necessary cookies — required for Site functionality; cannot be disabled without affecting performance
Performance and analytics cookies — Google Analytics and similar tools; track page views and navigation patterns
Functional cookies — remember your preferences (language, time zone)
Marketing cookies — may be placed by third-party tools such as Klaviyo to deliver relevant content (with your consent)
You may control cookies through your browser settings. Opt-out tools are available through Google Analytics (tools.google.com/dlpage/gaoptout), the Network Advertising Initiative (networkadvertising.org/choices), and the Digital Advertising Alliance (aboutads.info/choices). We do not respond to “Do Not Track” signals at this time.
8. Third-Party Links
Our website may link to third-party sites, including research publications, supplement verification services (NSF, Informed Sport), social media platforms, and partner organizations. We are not responsible for the privacy practices of third-party websites. This Privacy Policy applies only to information collected by Hockaday Rx. We encourage you to review the privacy policies of any external sites you visit.
9. Your Privacy Rights and Choices
9.1 Access, Correction, and Deletion
You have the right to request a copy of the personal information we hold about you, request corrections to inaccurate information, and request deletion of your information (subject to legal and recordkeeping obligations). Email hello@hockadayrx.com with “Access Request” or “Deletion Request” in the subject line. We will respond within 10 business days.
9.2 Opt-Out of Marketing
You may opt out of promotional emails at any time by clicking “Unsubscribe” in any marketing email, emailing hello@hockadayrx.com with “Unsubscribe” in the subject line, or updating your account preferences. We may still send transactional emails related to your consultations or appointments.
9.3 California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the right to know what personal information we collect, use, and share; the right to delete your personal information (subject to exceptions); the right to correct inaccurate information; the right to opt out of the “sale” or “sharing” of personal information (we do not sell or share personal information for cross-context behavioral advertising); the right to limit use of sensitive personal information; and the right to non-discrimination for exercising these rights.
To exercise CCPA/CPRA rights, email hello@hockadayrx.com or call (310) 617-3365. We will respond to verified requests within 45 days (extendable by an additional 45 days if necessary).
10. Children’s Privacy
10.1 General Age Restriction
Our Site and Services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information without parental consent, we will delete it immediately. Contact hello@hockadayrx.com if you believe we have collected information from a child under 13.
10.2 Youth Athletes (Ages 13–17)
For youth athletes ages 13–17 engaging with our clean sport education, youth sport programming, or community events:
Parental or guardian consent is required for consultations
Parents or guardians must provide information on behalf of minors
We collect only information necessary to provide the requested services
11. International Data Transfers
Hockaday Rx is based in the United States. If you access the Site from outside the U.S., your information may be transferred to, stored, and processed in the U.S., where data protection laws may differ from those in your country. By using the Site or Services, you consent to the transfer of your information to the United States.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date above and post a prominent notice on the Site homepage. For material changes affecting your rights, we will also provide email notification. Continued use of the Site or Services after changes are posted constitutes acceptance of the updated Privacy Policy.
13. Contact Us
For general privacy inquiries, to exercise your rights, or for HIPAA-related matters:
Hockaday Rx, LLC
Inglewood, California
Email: hello@hockadayrx.com
Phone: (310) 617-3365
Website: www.hockadayrx.com
HIPAA Privacy Officer:
Brandon Hockaday, PharmD — Founder & Licensed Pharmacist
Email: brandon@hockadayrx.com
CA Board of Pharmacy License #: 67640