Thirty Madison Privacy Policy

Thirty Madison Online Privacy Policy

Last Updated: July 29, 2025

Consumer State Privacy Notice

1. INTRODUCTION Thirty Madison, Inc., d/b/a Cove, Keeps, and Nurx (collectively “Thirty Madison”), and its subsidiaries and affiliates, understand the importance of your privacy and protecting your personal information. The term “personal information” used in this privacy policy means any information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household. However, the term “personal information” does not include any deidentified or aggregated information such that it can no longer be reasonably be used to identify you. Accordingly, the purpose of this Privacy Policy (the “Policy”) is to describe how Thirty Madison collects, uses, and shares information about you to provide services to you (our “Service”) through our websites, social media, email exchanges, mobile apps, and other online services on which this Policy is posted. This Policy also describes how you can request to access, change, and remove your personal information, as applicable. Please read this Policy carefully to understand what we do. If you do not understand or agree to any aspect of our Policy, please contact us before continuing to use our Service. This Policy is written in the English language. We do not guarantee the accuracy of any translated versions of this Policy. To the extent that any translated versions of this Policy conflict with the English language version, the English language version of this Policy shall control.

Thirty Madison also manages medical groups that provide treatment to Thirty Madison customers and pharmacies that fill prescriptions for Thirty Madison customers. When Thirty Madison handles protected health information (“PHI”) on behalf of the medical groups and the pharmacies, Thirty Madison follows the medical group Notice of Privacy Practices and not this Policy. The medical group Notice of Privacy Practices, can be found at: https://patient.thirtymadison.com/dashboard/legals/kmg-notice-of-privacy-practices.

2. COLLECTION OF PERSONAL INFORMATION

Information You Provide to Us. We collect information you provide to us when you create or modify your account, register to use our websites (including, https://www.withcove.com/, https://www.keeps.com/, https://with.nurx.com (collectively, with our mobile application(s), the “Site”), purchase products or services from us, post comments or reviews on our Site, request information from us, contact customer support, or otherwise communicate with us.

Information We Obtain Indirectly. We may receive certain information about you through companies that provide us with such information as part of their relationship with us, including Hotjar, Hubspot, Mixpanel, Stripe, VWO, Yotpo and other third party tools. We may also receive information about you from your social media accounts if you use those accounts to sign-in to your account with us. We do not control the use of your personal information by such third-parties. These third parties are solely responsible for processing your personal information in accordance with their own privacy policies, but when received by us, we will only process your personal information in accordance with this Privacy Policy.

Information We Collect Automatically. When you use our Service, we collect certain information about you automatically through our use of cookies and similar technologies. These are described in more detail below.

Aggregate Information. We may combine information we receive from other sources with information you give to us and information we collect about you. Depending on the types of information received, we will use the information received from other sources or the combined information for the purposes described in this Policy.

3. CATEGORIES OF PERSONAL INFORMATION AND PURPOSE FOR COLLECTION Thirty Madison collects and processes personal information from you as necessary for our information processing activities, which includes the following categories of personal information: (1) contact information, including your name, address, email address, mailing address, postal address, and telephone number; (2) authentication information, including the user name and hashed password that you use to register an account on the Site; (3) financial information, which may include your tokenized versions of your debit or credit card number, its expiration date, and a tokenized version of its security code for payment processing purposes; (4) personal characteristics, including date of birth, photographs of your ID and insurance card, general medical history, and other information relevant to diagnosis and treatment; (5) comments, reviews, and suggestions; (6) personal preferences, including product preferences, online preferences, and interests; (7) online behavior information including details of your visits to our Site, online activity, time spent viewing features, traffic data, location data, logs, language, date and time of access, frequency, and other communication data and the resources that you access and use on the Site; (8) and operating system, host domain, browser type, IP address, mobile network information, or device information.

Our information processing activities include: conducting our business; providing you with the information, products, and services that you may request from or through us; to provide and personalize our Site and its content to you; customer communications and support; user verification; payment processing; shipping; quality management services; Site maintenance and improvements (including for troubleshooting and debugging); to maintain the safety, security, and integrity of our Site, products and services, databases, and other technology assets; detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity; designing, developing, and communicating with you about our features, products, and services; any purpose where you have given your consent (where legally required); enforcing our legal rights or subject to any consents or authorizations that are required by applicable law, including those of our subsidiaries, affiliates, etc. and any of their related businesses and those of our third-party partners; complying with legal requirements; and in other ways we may describe when you provide the personal information; and other compatible purposes. Where applicable, if Thirty Madison intends to further process your personal information for any other incompatible purpose, we will provide you with any relevant information on such additional purpose and obtain your consent, to the extent required by applicable law.

4. DISCLOSURE OF PERSONAL INFORMATION Thirty Madison does not trade, rent, or sell your personal information to third parties for their own purposes. We may share or disclose de-identified information for any purpose without restriction and may share or disclose your personal information for the following limited purposes:

Healthcare Providers. We share your personal information with health care providers, including without limitation, clinicians, health care facilities and organizations, pharmacies, and laboratories. Health care providers will follow a separate Notice of Privacy Practices in how they use and disclose your personal information.

Vendors and Services Providers. We may provide information to third party vendors and service providers that perform services and functions on our behalf, such as to help us operate and manage our Service and the Site, process orders, and fulfill and deliver products and services that you purchase from us. These vendors and service providers may have access to your personal information in order to provide these services to us, but when this occurs and where possible, we implement contractual protections to limit their use of that information to help us provide our Service and support our interactions with you.

Your Consent to Have Your Personal Information Shared. We may also share personal information with companies, organizations, or individuals outside of Thirty Madison when we have your consent to do so.

Legal Disclosure. We will share personal information with third party companies, organizations, or individuals outside of Thirty Madison: (1) when we believe in good faith that access, use, or disclosure of the information is reasonably necessary to comply with a legal obligation; (2) when we believe in good faith that the law requires it; (3) at the request of governmental authorities conducting an investigation; (4) to verify or enforce our agreements, terms of use, or other applicable policies; (5) to respond to an emergency; or (6) otherwise to protect the rights, property, safety, or security of Thirty Madison, third parties, visitors to our Site, or the public, as required or permitted by law.

Transfer in the Event of Sale or Change of Control. If the ownership of all or substantially all of our business changes, or we otherwise transfer assets relating to our business or the Site to a third party, such as by merger, acquisition, bankruptcy proceeding, or otherwise, we may transfer personal information to the new owner. In such a case, unless prohibited by applicable law, your information would remain subject to the privacy policy applicable at the time of such transfer, unless you discontinue use of our Service. We will inform you of any such changes in ownership.

5. ACCESS TO YOUR INFORMATION AND CHOICES Contact Us. You can access and update certain information we have relating to your online account by signing into your account and going to the Account section of our Site. If you have questions about personal information we have about you or need to update your information, you can contact us at:

  • Cove: Phone (877) 456-2683; Email care@withcove.com
  • Keeps: Phone (833) 745-3377; Email help@keeps.com
  • Nurx: Phone (800) 321-NURX (6879), Email nurx-support@thirtymadison.com

Social Media Account Sign On. To the extent that you choose to use a social media account application (such as Google, Facebook, or Apple) to create your online account on the Site or otherwise sign into the Site, you understand that if another person has access to your social media account, they will also have access to your account on the Site. That means that another person could access any personal information contained on the Site. It is your decision about whether to give another person access to your social media account and whether to use that account to sign on to the Site. Also, if you use a social media account application to sign into the Site, you understand that the social media account application may send information from your social media account to Thirty Madison.

6. SECURITY OF YOUR INFORMATION We strive to use best practices and industry standard security measures and tools to protect your data and have taken steps and implemented administrative, technical, and physical safeguards designed to protect against the risk of accidental, intentional, unlawful, or unauthorized access, alteration, destruction, disclosure, or use. However, the sharing and disclosing of information via the internet is not completely secure and we cannot guarantee the security of information transmitted to, on, or through the internet to our Services. Thirty Madison cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your personal information. Where you have been given or you have chosen a password, it is your responsibility to keep this password confidential. Any transmission of personal information is at your own risk. We are not responsible for the circumvention of any privacy settings or security measures contained on our Site, in your operating system, or mobile device.

Accordingly, it is your responsibility to protect the security of your login information, including your username and password.

7. COOKIES AND OTHER TECHNOLOGIES We also collect information automatically as you navigate through our Site through cookies and other tracking technologies. To view cookies on our Site and exercise your rights related to tracking technologies, navigate to the bottom of the page and click on “Your Privacy Choices” or the icon of the cookie.

We and our service providers (e.g. sub-contractors, analytics providers, advertising networks, etc.) may use cookies, web beacons, and other technologies to receive and store certain types of information whenever you interact with our Site or Service through your computer or mobile device. A “cookie” is a small file or piece of data sent from a website and stored on the hard drive of your computer or mobile device. You can find more information about cookies at http://www.allaboutcookies.org.

Some of the cookies we use are “session” cookies meaning that they are automatically deleted from your hard drive after you close your browser at the end of your session. Session cookies are used to maintain your login state, optimize performance of the Site, and to limit the amount of redundant data that is downloaded during a single session. We also may use “persistent” cookies, which remain on your computer or device unless deleted by you (or by your browser settings). We may use persistent cookies for various purposes, such as statistical analysis of performance to ensure the ongoing quality of our Site and/or Service. We and third parties may use session and persistent cookies for analytics and advertising purposes, as described herein.

On your computer, you may view and refuse to accept browser cookies by clicking “Your Privacy Choices” or the icon of the cookie on the bottom of the Site homepage and changing your cookie settings under Storage Preferences by clicking the toggle next to the cookie type (so the toggle turns off) or by activating the appropriate setting on your browser, and you may have similar capabilities on your mobile device in the preferences for your operating system or browser. However, if you select this setting you may be unable to access or use certain parts of our Site or our Service. Unless you have adjusted your browser or operating system setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Site.

Where permitted by law, unless you have adjusted your browser setting or adjusted your preferences as described above so that it will refuse cookies, our Site will issue cookies when you direct your browser to our Site. You may opt-out of these cookies as described above. In states with applicable privacy laws that prohibit our use of cookies without affirmative consent, we will only place non-essential cookies on your device with your affirmative, opt-in consent. BY CONTINUING TO ALLOW COOKIES, YOU HEREBY CONSENT TO OUR RECORDING AND DISCLOSURE TO THIRD-PARTY COOKIE PROVIDERS OF INFORMATION RELATED TO YOUR USE OF THE SITE AND OTHER COMMUNICATIONS YOU MAY HAVE WITH OUR SITE. Some content or cookies or other technologies used on the Site are served by third-parties, including advertisers, ad networks and servers, content providers, analytics providers, social media companies, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Site. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see below.

8. ADVERTISEMENTS AND DO NOT TRACK SIGNALS We may use data about how you browse and shop in order to show you ads for Thirty Madison or our advertising partners that are relevant to your interests. We may use cookies and other information to provide relevant interest-based advertising to you, and ad networks to which we belong may use your browsing activity across participating websites to show you interest-based advertisements on those websites. We may also share your personal information with entities that assist us with marketing and advertising. Interest-based ads are ads presented to you based on your browsing behavior to provide you with ads more tailored to your interests. These interest-based ads may be presented to you while you are browsing our Site or third- party sites not owned by Thirty Madison. Where permitted by applicable law, we may also receive personal information about you from third party sources (e.g., lead generators) to determine whether a Thirty Madison product or service is right for you and to send promotional emails to customers and prospective customers.

Currently, our Site does not recognize if your browser sends a “do not track” signal or similar mechanism to indicate you do not wish to be tracked.

We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can learn more about interest-based advertisements and your opt-out rights and options from members of the Network Advertising Initiative (“NAI”) on its website (www.networkadvertising.org) and from members of the Digital Advertising Alliance on its website (www.aboutads.info).

9. CHILDREN’S PRIVACY If you are under the age of 18, please do not attempt to register with us at this Site, engage our Service, or provide any personal information about yourself to us. If we learn that we have collected personal information from someone under 18, we will promptly delete that information. If you believe we have collected personal information from someone under the age of 18, please contact us at:

  • Cove: Phone (877) 456-2683; Email care@withcove.com
  • Keeps: Phone (833) 745-3377; Email help@keeps.com
  • Nurx: Phone (800) 321-NURX; Email nurx-support@thirtymadison.com

10. STATE PRIVACY LAWS For more information on any additional rights under your state law, please see our Consumer State Privacy Notice

11. LINKED SITES The Site may contain links to third party owned or operated websites, including, without limitation, social media websites (each a “Linked Site”), as a convenient method of accessing information that may be useful or of interest to you. This Policy and the practices that we follow under this Policy do not apply to Linked Sites. We are not responsible for the content, accuracy, or opinions expressed on any Linked Site or for the privacy practices or security standards used by third parties on such Linked Sites. These Linked Sites have separate privacy and data collection practices, and we have no responsibility or liability relating to them. Accordingly, if you use Linked Sites through our Site, to login to our Site, or to share information about your experience on our Site with others, these Linked Sites may be able to collect information about you, including information about your activity on our Site. In accordance with their own privacy policies, the Linked Sites may further notify your social media connections about your use of our Site. You understand and agree that by clicking on a link to a Linked Site or using a Linked Site as described above, this Policy, as stated on the Site, is no longer in effect because you have either left our Site or used a Linked Site to interact with our Site.

12. USER CONTENT Some features of our Site or Service may now or in the future allow you to provide content, such as written comments or reviews, to be published or displayed on public areas of the Site (“User Content”). Be careful about giving out information in public areas of the Site. The information you share in public areas may be read, collected, or used by any user of the Site. We cannot control the actions of other users of the Site with whom you may choose to share your User Content.

13. CONSENT TO PROCESSING OF PERSONAL INFORMATION IN UNITED STATES This Site is intended for use only by residents of the United States (“U.S.”). If you are a citizen of the European Economic Area (“E.E.A.”) or other jurisdiction outside of the U.S., please note that in order to provide our Site and Service to you, we may send and store your personal information (also commonly referred to as personal data) outside of the E.E.A. or other country where you are located, including the U.S. Accordingly, your personal information may be transferred outside of the country where you reside or are located, including to countries that may not or do not provide the same level of protection for your personal information. Federal, state, and local governments, courts, or law enforcement or regulatory agencies in the United States may be able to obtain disclosure of your information through the laws of the United States. By using and accessing our Site, users who reside or are located in countries outside of the U.S. agree and consent to the transfer to and processing of personal information on servers located outside of the country where they reside, including to the U.S., and that the protection of such information may be different than required under the laws of their residence or location.

14. CHANGES TO OUR PRIVACY POLICY While this Policy may change from time to time, Thirty Madison will enforce and comply with all applicable laws with respect to this Policy, any future versions of this Policy, our Service, our rights, and our obligations to you. We will post any privacy policy changes to our Site. The date this Policy was last modified is identified at the top of the page. You are responsible for periodically monitoring and reviewing any updates to this Policy. Your continued use of our Site after such amendments will be deemed your acknowledgement of these changes to this Policy.

15. QUESTIONS AND HOW TO CONTACT US If you have any questions, concerns, complaints, or suggestions regarding this Policy, please contact us:

  • Cove: Phone (877) 456-2683; Email care@withcove.com
  • Keeps: Phone (833) 745-3377; Email help@keeps.com
  • Nurx: Phone (800) 321-NURX (6879), Email nurx-support@thirtymadison.com

Or write us by U.S. postal mail at the following address: Thirty Madison, Inc. 82 Nassau St #61392 New York, NY 10038