Privacy Policy
Effective Date: 10th day of August 2022
PLEASE READ THE FOLLOWING CAREFULLY
THIS STATEMENT PROVIDES GENERAL INFORMATION ABOUT THE PRIVACY STATEMENT OF THIS WEBSITE. IF YOU ARE UNDER 18 YEARS OF AGE, PLEASE BE SURE TO READ THIS PRIVACY STATEMENT WITH YOUR PARENTS OR GUARDIAN AND ASK THEM QUESTIONS ABOUT WHAT YOU DO NOT UNDERSTAND.
YOUR USE OF THIS SERVICE CONSTITUTES ACCEPTANCE BY YOU OF THIS PRIVACY STATEMENT.
‘Chicago Mindful Psychotherapy’ ( “Chicago Mindful Psychotherapy”, “we”, “our” and “us”.) has created this privacy statement (“Statement”) in order to demonstrate its firm commitment to the privacy of the details that you provide to us when using chicagomindfulpsychotherapy.com “collectively “the website”), as the data controller for the purposes of the relevant United States Data protection law, the California Consumer Privacy Act (CCPA), the California Online Privacy Protection Act (CALOPPA), 2003 and the EU General Data Protection Regulation (GDPR) 2016.
At Chicago Mindful Psychotherapy, we are committed to maintaining the trust and confidence of all visitors to our website. In particular, we want you to know that the website is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes.
We believe your business is no one else’s. Your Privacy is important to you and to us. So, we’ll protect the information you share with us. To protect your privacy, Chicago Mindful Psychotherapy follows different principles in accordance with worldwide practices for customer privacy and data protection.
- We won’t sell or give away your name, mail address, phone number, email address or any other information to anyone.
- We‘ll use security measures to protect your information from unauthorized users.
Therefore, to provide you with our services we need (and sometimes are obliged by the law) to collect your personal data. This Privacy Policy (the “Policy”) informs Users (a “User”, or “You”) of our policies regarding the processing of Personal Information we receive from Users of the site.
In this Privacy Policy, we’ve provided detailed information on when and why we collect personal information, how we use it, the limited conditions under which we may disclose it to others, and how we keep it secure.
We take your privacy seriously and take measures to provide all visitors and users of the website with a safe and secure environment.
The Personal Information on the site, is collected, controlled and processed by the data controller; collected on behalf of:
Chicago Mindful Psychotherapy
5537 N Clark St, 2nd floor
Chicago, IL 60640
Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.
1. WHAT INFORMATION DO WE COLLECT?
(a) Personal information you disclose to us
We collect personal information that you voluntarily provide to us when expressing an interest in obtaining information about us or our services, when participating in activities on our website or otherwise contacting us.
The personal information that we collect depends on the context of your interactions with us and our website, the choices you make and the products and features you use. The personal information we collect can include but is not limited to the following:
Name and Contact Data. We collect your first and last name, email address, mailing address, insurance information, and phone number.
Information you choose to submit to Chicago Mindful Psychotherapy as part of a contest, giveaway, newsletter, or promotional campaign. This information is used only for the purpose for which it is submitted unless we disclose other uses in this Privacy Policy or at the time of collection.
(b) Information automatically collected
Some information – such as IP address and/or browser and device characteristics – is collected automatically when you visit our website.
We automatically collect certain information when you visit, use or navigate our website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our website and other technical information. This information is primarily needed to maintain the security and operation our website, and for our internal analytics and reporting purposes.
2. HOW DO WE USE YOUR INFORMATION?
We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.
We use personal information collected via our website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.
We use the information we collect or receive:
To send you informational communications. We may use the personal information you send to us for the purposes of sending you informational emails or newsletters. You can opt-out of our informational communications at any time
Request feedback. We may use your information to request feedback and to contact you about your use of our website.
For other business purposes. We may use your information for other Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our website, articles, and your experience.
3. WILL YOUR INFORMATION BE SHARED WITH ANYONE?
We only share information with your consent, to comply with laws, to protect your rights, or to fulfill business obligations.
We may process or share data based on the following legal basis:
Consent: We may process your data if you have given us specific consent to use your personal information in a specific purpose
Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or subpoena (including in response to public authorities to meet national security or law enforcement requirements).
Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
More specifically, we may need to process your data or share your personal information in the following situations:
Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing via (PayPal, Credit Cards, and/or subscription policy), data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on our website, which will enable them to collect data about how you interact with our website over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
4. WHO WILL YOUR INFORMATION BE SHARED WITH?
We only share information with the following third parties.
We only share and disclose your information with the following third parties. We have described each party so that you may easily understand the purpose of our data collection and processing practices. If we have processed your data based on your consent and you wish to revoke your consent, please contact us.
Transfer & retention of your personal information
Your personal information is processed by us at our location as well as the location of third parties who also process this personal information. The servers of our cloud providers are located in USA. Your personal information may be transferred to devices outside of your current jurisdiction. If you are in the European Economic Area (EEA), for example, your personal data may be transferred to countries outside of the EEA. The legal basis for this is our legitimate interest in the maintenance of our website and our business.
Our practice takes your privacy seriously and will make every effort to ensure that any transfer of personal information is only with commercially reasonable safeguards in place. Your consent to this Privacy Policy is also consent to this transfer of personal information.
In an effort to maintain your privacy, your personal information will only be retained for the length of time necessary to fulfill the purpose for which the personal information was collected, and to fulfill any legal obligations.
Google Maps
This website uses the mapping software Google maps by Google Inc. (“Google”). By using this website, you consent to the collection, processing, and use of data that may be automatically collected by Google and its agents.
Mailchimp
Mailchimp is a marketing automation platform and an email marketing service. Mailchimp may use the data they collect for internal data analytics projects or to meet legal requirements.
5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
We and our partners may use cookies to collect information about your use of the website. “Cookies” are small data files assigned to your browser when you visit Chicago Mindful Psychotherapy which enable recognition of your browser and collect and store information about your use of the site, as described above. In addition to cookies, we and our partners use other tracking technologies that collect information about your use of the Services, including mobile identifiers and “web beacons” which are small graphic files (sometimes called “clear GIFs” or “web pixels”) embedded in a web page or email typically used to monitor activity and send relevant information back to a home server (which can belong to the host site, a network advertiser or some other third party).
Our service partners may use cookies and other tracking technologies to collect information about your use of the site, including content you have viewed. These third parties may use this information to deliver advertising on other third-party websites based on your browsing activity on Chicago Mindful Psychotherapy.
Cookies and similar technologies: Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our website.
Controls for do-not-track features
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of the Privacy Policy.
6. HOW LONG DO WE KEEP YOUR INFORMATION?
We keep your information for as long as necessary to fulfill the purposes outlined in this privacy policy unless otherwise required by law.
We will only keep your information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
7. HOW DO WE KEEP YOUR INFORMATION SAFE?
We aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our website is at your own risk. You should only access the services within a secure environment.
8. DO WE COLLECT INFORMATION FROM MINORS?
We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly solicit data from or market to children under 18 years of age. By using the website, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the website. If we learn that personal information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age18, please contact us at contact us at info@cmp.email.
9. WHAT ARE YOUR PRIVACY RIGHTS?
In some regions, such as the European Economic Area, you have rights that allow you greater access to and control over your personal information. You may review, change, or request deletion of your data at any time.
In some regions (like the European Economic Area), you have certain rights under applicable data protection laws. These may include:
Right to access. You may obtain from us the confirmation as to whether or not personal data concerning you is being processed and get an access to such personal data. You are entitled to view, amend, or delete the personal information that we hold. Email your request to our data protection office at info@cmp.email and we will work with you to remove any of your personal data we may have.
Right to rectify your inaccurate Personal Information and to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erase your Personal Information. Please note that a request to erase your Personal Information will also terminate your account on the Site. We will automatically and without undue delay erase your Personal Information when it is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
Right to restrict processing of your Personal Information.
Right to data portability. You may obtain from us the personal data concerning you and which you have provided to us and transmit it to another Personal Information Controller.
Right to object to processing of Your Personal Information.
Right to withdraw your consent to the usage of your Personal Information at any time.
Right to lodge a complaint. We take privacy concerns seriously. If you believe that we have not complied with this Privacy Policy with respect to your Personal Information, you may contact our respective Data Protection Office. We will investigate your complaint promptly and will reply you within 30 (thirty) calendar days.
10. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
Yes, if you are a resident of California, you are granted specific rights regarding access to your personal information.
California Consumer Privacy Act (CCPA) grants California residents the following rights with regard to their personal data (taken from CCPA Fact Sheet):
The right to know what personal information is collected, used, shared or sold, both as to the categories and specific pieces of personal information.
The right to delete personal information held by businesses and by extension, a business’s service provider.
The right to opt-out of sale of personal information. Consumers are able to direct a business that sells personal information to stop selling that information.
Children under the age of 16 must provide opt-in consent, with a parent or guardian consenting for children under 13.
The right to non-discrimination in terms of price or service when a consumer exercises a privacy right under CCPA.
If you are a resident of California, and have submitted data with the Sites or have used the Sites, you have the right to request removal of unwanted data that you publicly post on the Sites. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Sites, but please be aware that the data may not be completely or comprehensively removed from our systems.
11. HIPAA COMPLIANCE & BAA OBLIGATIONS
Ensuring that our clients’ data is safe, secure, and always available to them is one of our top priorities. For customers who are subject to the requirements of the Health Insurance Portability and Accountability Act (HIPAA), Google Workspace and Cloud Identity can support HIPAA compliance.
Under HIPAA, certain information about a person’s health or health care services is classified as Protected Health Information (PHI). Customers who are subject to HIPAA and wish to use Google Workspace or Cloud Identity with PHI must sign a Business Associate Agreement (BAA) with Google.
Customers are responsible for determining whether they are subject to HIPAA requirements and whether they use or intend to use Google services in connection with PHI. Customers who have not signed a BAA with Google must not use Google services in connection with PHI.
Administrators must review and accept a BAA before using Google services with PHI. See what Google Workspace products can be used for HIPAA compliance in the HIPAA Included Functionality.
12. LINKS TO OTHER WEBSITES
Our website contains links to other websites that are not operated by Us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
13. DO WE MAKE UPDATES TO THIS POLICY?
Yes, we will update this policy as necessary to stay compliant with relevant laws.
We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.
14. HOW CAN YOUR CONTACT US ABOUT THIS POLICY?
If you have questions or comments about this policy, you may email us at info@cmp.email.