PRIVACY POLICY

1. Introduction

CCS Restoration Psychiatry ("we," "us," or "our") operates the website ccsrestorationpsychiatry.com (the "Site"). This Privacy Policy details how we collect, use, store, and protect your Personal Information. By using the Site, you consent to these practices.

2. Scope of Information

Personal Information: Data identifying you (e.g., name, email, IP address).

Sensitive Personal Information: Health/mental health data, treatment history (requires explicit consent under GDPR/HIPAA).

Non-Personal Information: Anonymous usage analytics.

3. Information Collection

3.1 Information You Provide Directly

When using our services, you may submit:

  • Contact details (name, email, phone).
  • Health information (symptoms, treatment preferences).
  • Account credentials (if registration is enabled).

3.2 Automatically Collected Information

We collect:

  • Technical data (IP address, device type, browser).
  • Usage patterns (pages visited, session duration via cookies).
  • Geolocation (approximate, derived from IP).

3.3 Third-Party Sources

With your consent, we may receive data from healthcare providers or anonymized analytics services.

4. How We Use Your Information

Your data is processed for the following purposes:

  • Service Delivery: To provide mental health resources or telehealth services under contractual necessity.
  • Support & Communication: Responding to inquiries or scheduling (legitimate interests).
  • Personalization: Enhancing user experience (requires opt-in consent).
  • Research: Service improvement using anonymized data.
  • Legal Compliance: Meeting HIPAA audits or court orders.
  • Marketing: Sending newsletters (explicit consent required).

5. Information Sharing

We never sell your data. Disclosures are limited to:

  • HIPAA-Compliant Service Providers: Vendors bound by strict data processing agreements (e.g., EHR systems).
  • Healthcare Professionals: Only with your explicit written consent for treatment coordination.
  • Legal Obligations: To comply with subpoenas or public safety laws.
  • Legal Obligations: To comply with subpoenas or public safety laws.

6. Data Security

We implement enterprise-grade safeguards:

  • Technical: AES-256 encryption, TLS 1.3+ for data transit.
  • Administrative: Role-based access controls, mandatory annual HIPAA training.
  • Physical: Biometric-secured data centers.
  • Retention: Health data stored for 7 years post-last interaction; non-health data for 2 years.

7. Your Rights

You may exercise these rights under GDPR/CCPA/HIPAA:

  • - Access & Portability: Request a copy of your data.
  • - Correction: Update inaccurate information.
  • - Deletion: Erase non-essential data (legal exceptions apply).
  • - Consent Withdrawal: Opt out of marketing or analytics.
  • - Complaints: Report concerns to HHS OCR or EU supervisory authorities.

Submit requests to: [email protected]. We respond within 30 days with identity verification.

8. Children’s Privacy

The Site is not directed at minors under 18. We do not knowingly collect their data without parental consent.

9. Cookies & Tracking

  • - Essential Cookies: Required for Site functionality (no consent needed).
  • - Analytical/Advertising Cookies: Used only with prior opt-in via our cookie banner.
  • - Opt-Out: Adjust browser settings or use our preference center.

10. International Visitors

Data is primarily processed in the U.S. EU/UK transfers use GDPR-compliant safeguards like Standard Contractual Clauses.

11. Policy Changes

Material updates are notified via email or Site banners. Continued use constitutes acceptance.

12. Contact Us

Email: [email protected]