Effective Date: 10th day of August 2022
PLEASE READ THE FOLLOWING CAREFULLY
THIS STATEMENT PROVIDES GENERAL INFORMATION ABOUT THE PRIVACY STATEMENT OF THIS WEBSITE. IF YOU ARE UNDER 18 YEARS OF AGE, PLEASE BE SURE TO READ THIS PRIVACY STATEMENT WITH YOUR PARENTS OR GUARDIAN AND ASK THEM QUESTIONS ABOUT WHAT YOU DO NOT UNDERSTAND.
YOUR USE OF THIS SERVICE CONSTITUTES ACCEPTANCE BY YOU OF THIS PRIVACY STATEMENT.
‘Chicago Mindful Psychotherapy’ ( “Chicago Mindful Psychotherapy”, “we”, “our” and “us”.) has created this privacy statement (“Statement”) in order to demonstrate its firm commitment to the privacy of the details that you provide to us when using chicagomindfulpsychotherapy.com “collectively “the website”), as the data controller for the purposes of the relevant United States Data protection law, the California Consumer Privacy Act (CCPA), the California Online Privacy Protection Act (CALOPPA), 2003 and the EU General Data Protection Regulation (GDPR) 2016.
At Chicago Mindful Psychotherapy, we are committed to maintaining the trust and confidence of all visitors to our website. In particular, we want you to know that the website is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes.
We believe your business is no one else’s. Your Privacy is important to you and to us. So, we’ll protect the information you share with us. To protect your privacy, Chicago Mindful Psychotherapy follows different principles in accordance with worldwide practices for customer privacy and data protection.
We take your privacy seriously and take measures to provide all visitors and users of the website with a safe and secure environment.
The Personal Information on the site, is collected, controlled and processed by the data controller; collected on behalf of:
Chicago Mindful Psychotherapy
5537 N Clark St, 2nd floor
Chicago, IL 60640
(a) Personal information you disclose to us
We collect personal information that you voluntarily provide to us when expressing an interest in obtaining information about us or our services, when participating in activities on our website or otherwise contacting us.
The personal information that we collect depends on the context of your interactions with us and our website, the choices you make and the products and features you use. The personal information we collect can include but is not limited to the following:
Name and Contact Data. We collect your first and last name, email address, mailing address, insurance information, and phone number.
(b) Information automatically collected
Some information – such as IP address and/or browser and device characteristics – is collected automatically when you visit our website.
We automatically collect certain information when you visit, use or navigate our website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our website and other technical information. This information is primarily needed to maintain the security and operation our website, and for our internal analytics and reporting purposes.
We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.
We use personal information collected via our website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.
We use the information we collect or receive:
To send you informational communications. We may use the personal information you send to us for the purposes of sending you informational emails or newsletters. You can opt-out of our informational communications at any time
Request feedback. We may use your information to request feedback and to contact you about your use of our website.
For other business purposes. We may use your information for other Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our website, articles, and your experience.
We only share information with your consent, to comply with laws, to protect your rights, or to fulfill business obligations.
We may process or share data based on the following legal basis:
Consent: We may process your data if you have given us specific consent to use your personal information in a specific purpose
Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or subpoena (including in response to public authorities to meet national security or law enforcement requirements).
Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
More specifically, we may need to process your data or share your personal information in the following situations:
Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing via (PayPal, Credit Cards, and/or subscription policy), data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on our website, which will enable them to collect data about how you interact with our website over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
We only share information with the following third parties.
We only share and disclose your information with the following third parties. We have described each party so that you may easily understand the purpose of our data collection and processing practices. If we have processed your data based on your consent and you wish to revoke your consent, please contact us.
Transfer & retention of your personal information
Your personal information is processed by us at our location as well as the location of third parties who also process this personal information. The servers of our cloud providers are located in USA. Your personal information may be transferred to devices outside of your current jurisdiction. If you are in the European Economic Area (EEA), for example, your personal data may be transferred to countries outside of the EEA. The legal basis for this is our legitimate interest in the maintenance of our website and our business.
In an effort to maintain your privacy, your personal information will only be retained for the length of time necessary to fulfill the purpose for which the personal information was collected, and to fulfill any legal obligations.
This website uses the mapping software Google maps by Google Inc. (“Google”). By using this website, you consent to the collection, processing, and use of data that may be automatically collected by Google and its agents.
Mailchimp is a marketing automation platform and an email marketing service. Mailchimp may use the data they collect for internal data analytics projects or to meet legal requirements.
Cookies and similar technologies: Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our website.
Controls for do-not-track features
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
We aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our website is at your own risk. You should only access the services within a secure environment.
We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly solicit data from or market to children under 18 years of age. By using the website, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the website. If we learn that personal information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age18, please contact us at contact us at firstname.lastname@example.org.
In some regions, such as the European Economic Area, you have rights that allow you greater access to and control over your personal information. You may review, change, or request deletion of your data at any time.
In some regions (like the European Economic Area), you have certain rights under applicable data protection laws. These may include:
Right to access. You may obtain from us the confirmation as to whether or not personal data concerning you is being processed and get an access to such personal data. You are entitled to view, amend, or delete the personal information that we hold. Email your request to our data protection office at email@example.com and we will work with you to remove any of your personal data we may have.
Right to rectify your inaccurate Personal Information and to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erase your Personal Information. Please note that a request to erase your Personal Information will also terminate your account on the Site. We will automatically and without undue delay erase your Personal Information when it is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
Right to restrict processing of your Personal Information.
Right to data portability. You may obtain from us the personal data concerning you and which you have provided to us and transmit it to another Personal Information Controller.
Right to object to processing of Your Personal Information.
Right to withdraw your consent to the usage of your Personal Information at any time.
Yes, if you are a resident of California, you are granted specific rights regarding access to your personal information.
California Consumer Privacy Act (CCPA) grants California residents the following rights with regard to their personal data (taken from CCPA Fact Sheet):
The right to know what personal information is collected, used, shared or sold, both as to the categories and specific pieces of personal information.
The right to delete personal information held by businesses and by extension, a business’s service provider.
The right to opt-out of sale of personal information. Consumers are able to direct a business that sells personal information to stop selling that information.
Children under the age of 16 must provide opt-in consent, with a parent or guardian consenting for children under 13.
The right to non-discrimination in terms of price or service when a consumer exercises a privacy right under CCPA.
If you are a resident of California, and have submitted data with the Sites or have used the Sites, you have the right to request removal of unwanted data that you publicly post on the Sites. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Sites, but please be aware that the data may not be completely or comprehensively removed from our systems.
Ensuring that our clients’ data is safe, secure, and always available to them is one of our top priorities. For customers who are subject to the requirements of the Health Insurance Portability and Accountability Act (HIPAA), Google Workspace and Cloud Identity can support HIPAA compliance.
Under HIPAA, certain information about a person’s health or health care services is classified as Protected Health Information (PHI). Customers who are subject to HIPAA and wish to use Google Workspace or Cloud Identity with PHI must sign a Business Associate Agreement (BAA) with Google.
Customers are responsible for determining whether they are subject to HIPAA requirements and whether they use or intend to use Google services in connection with PHI. Customers who have not signed a BAA with Google must not use Google services in connection with PHI.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Yes, we will update this policy as necessary to stay compliant with relevant laws.
If you have questions or comments about this policy, you may email us at firstname.lastname@example.org.