Your cart is currently empty
Rock’s Discount Vitamins, Inc (referred to as we, us, or our) operates retail stores in Texas and an online store that ships throughout the United States. Protecting customer data is a core operational priority. We maintain a confidentiality posture that exceeds typical industry standards and follows a privacy forward operational model.
This Privacy Policy applies whenever you shop in our Texas retail locations, visit or make a purchase on our website, or interact with us by email, phone, or any other method.
We collect only what is necessary to support transactions and operate efficiently. We follow data
minimization principles to limit exposure. We may collect:
• Personal data such as name, billing address, shipping address, email, and phone number.
• Payment information processed through PCI compliant third parties.
• Transaction details and purchase history.
• Loyalty or rewards program information.
• Website specific data such as IP address, browser type, device identifiers, and browsing behavior through cookies and similar technologies. You may control cookies through browser settings or universal opt out mechanisms such as Global Privacy Control.
We use your information only to support legitimate business operations. This includes:
• Processing and fulfilling orders.
• Providing customer support.
• Sending order updates and receipts.
• Preventing fraud and protecting platform security.
• Improving our products, services, and technology systems.
• Sending marketing communications only if you explicitly opt in.
• Complying with legal and regulatory requirements.
We maintain a strict privacy forward approach to marketing. Our internal rules require that:
• We send marketing emails, texts, or promotions only when you explicitly opt in.
• All marketing data remains internal. It is never sold, shared, rented, licensed, or disclosed to third parties for their benefit.
• Marketing data is protected using the same controls applied to transactional and payment data.
• Opt out requests are processed immediately.
• Marketing uses only information you provide directly, such as purchase history and preferences. We do not use data brokers or external profiling services.
• Vendors assisting with marketing must comply with strict confidentiality terms and cannot use customer data for their own purposes.
• Any legal or third party attempt to access marketing data receives the same resistance posture we apply to all customer information.
Marketing remains entirely internal. Your engagement data is never shared.
We do not sell, rent, trade, disclose, or distribute your personal information to third parties. We do not share data for advertising or analytics that benefit external parties, and we do not engage in data broker activities as defined under applicable law, including the Texas Data Privacy and Security Act. We disclose information only to trusted service providers that support our operations. These providers are bound by confidentiality agreements and are audited for compliance.
We maintain a strong defensive posture when third parties attempt to access customer information. Our legal response protocol includes:
• Requiring valid subpoenas, court orders, or legally binding process before evaluating any request.
• Challenging overbroad, unlawful, or unclear demands through motions to quash, appeals, or protective orders, including engaging privacy advocacy organizations when appropriate.
• Seeking protective orders to restrict disclosure if required.
• Providing only the minimum amount of information legally mandated, and only after exhausting all avenues of challenge.
• Notifying affected customers when the law allows so that they may protect their interests, including by challenging requests independently.
• Using pseudonymization, anonymization, and limited retention policies to reduce the utility of any compelled disclosures.
Customer data is confidential. Disclosure is an exception, not standard practice, and we defend confidentiality with all legally available strategies.
Under Texas law, including the Texas Data Privacy and Security Act, and other applicable state privacy laws, as well as relevant federal laws and FTC guidelines, you may request to:
• Know what data we hold.
• Access or receive a portable copy of your data.
• Correct inaccurate information.
• Delete your data.
• Opt out of marketing communications, targeted advertising, data sales, or profiling, including through universal opt out mechanisms. We do not sell personal data or engage in targeted advertising or profiling, but we provide these opt out rights as required under applicable law.
• For minors ages 13 to 17, we require affirmative opt in consent for processing sensitive personal data and follow enhanced protections under applicable law.
We protect customer information using administrative, physical, and technical safeguards, as well as requirements under the Texas Data Privacy and Security Act. These measures include encryption, access controls, secure payment processing, and continuous monitoring.
If a breach is suspected or confirmed, we notify affected individuals promptly as required by law.
We retain data only as long as necessary for business operations, compliance, or legal purposes. When data is no longer needed, we securely dispose of it using methods such as secure erasure or de identification.
We do not knowingly collect information from individuals under 18 years of age. If such data is identified, we delete it promptly and apply any required protections for minors under state privacy laws.
Material changes will be posted with an updated effective date. We may also provide notice by email or through in store signage.
