1. INTRODUCTION
This Privacy Policy sets forth the data collection and usage policies and practices that apply to Lana Wimmer Therapy, operating the website lanawimmertherapy.com (hereinafter referred to as “the Website”). This Privacy Policy is intended to inform users of the Website, including but not limited to individuals seeking therapy services, about how Lana Wimmer Therapy (hereinafter referred to as “the Company,” “we,” “us,” or “our”) collects, uses, discloses, and protects the personal information gathered through our Website. It is crucial to understand that by accessing and using our Website, you agree to the terms of this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.
This Privacy Policy is compliant with the data protection and privacy laws and regulations applicable in the United States, including but not limited to the Health Insurance Portability and Accountability Act (HIPAA), where relevant to the mental health services provided. We recognize the sensitive nature of the personal information involved in mental health therapy and are committed to protecting your privacy with the utmost care and in accordance with the law.
Given the nature of our services, this Privacy Policy also addresses the specific considerations relevant to the personal and health-related information we may collect in the course of providing mental health services. We encourage you to read this policy in its entirety to understand our privacy practices fully.
2. INFORMATION COLLECTION
2.1 Types of Information Collected
In the course of operating the Website and providing therapy services, we may collect various types of information from and about our users, which can be categorized as follows:
2.1.1 Personal Identifiable Information (PII): This refers to information that can be used to identify you as an individual. Examples of PII we collect include your name, address, email address, telephone number, and other contact details. In the context of the services provided, this may also include sensitive personal information related to your mental health and therapy sessions.
2.1.2 Health Information: As a provider of mental health therapy services, we may collect information regarding your mental and emotional health, therapy history, treatment plans, and other data relevant to your care. This information is considered protected health information (PHI) under HIPAA and is subject to stringent confidentiality and security measures.
2.1.3 Payment Information: For the processing of payments for our services, we may collect financial information such as credit card numbers, bank account details, and billing addresses.
2.1.4 Technical and Usage Information: When you access our Website, we may collect certain non-personally identifiable information automatically. This may include your IP address, browser type, operating system, and information about your use of our Website, such as the pages you visit and the links you click.
2.2 Methods of Information Collection
The Company employs various methods for collecting information, which include but are not limited to:
2.2.1 Direct Collection: We collect information that you voluntarily provide when you use our Website, such as when you fill out contact forms, engage in online therapy sessions, or interact with our customer service.
2.2.2 Indirect Collection: Some information is collected automatically through your use of our Website and services. This includes technical and usage information collected via cookies and similar tracking technologies.
2.2.3 Third-Party Sources: We may occasionally collect information from other sources, such as partner healthcare providers or payment processing services, to supplement the information you provide.
3. USE OF INFORMATION
3.1 General Principles of Information Use
The information collected by Lana Wimmer Therapy through the Website and other interactions with clients is primarily used to provide, manage, and improve our mental health therapy services. The specific uses of the information are detailed as follows:
3.1.1 Service Provision and Management: Personal Identifiable Information (PII) and Health Information are used primarily for the provision and personalization of therapy services. This includes using the information to schedule appointments, develop treatment plans, provide therapy sessions (whether in person or online), and manage ongoing client relationships.
3.1.2 Communication: We use contact information such as email addresses and phone numbers to communicate with clients regarding appointments, therapy services, and any changes to our policies or services. This communication may also include providing educational or supportive resources that may be beneficial to the client’s therapy process.
3.1.3 Billing and Payment Processing: Payment information is utilized to process fees for therapy services. This includes the management of client accounts, issuing invoices, and receiving payments. We ensure that this financial information is handled with a high degree of security and confidentiality.
3.1.4 Website Improvement and Personalization: Technical and usage information collected via cookies and other tracking technologies is used to improve the functionality and user-friendliness of the Website. This may include analyzing how users interact with our Website to personalize and optimize the user experience.
3.2 Legal and Ethical Considerations in Information Use
3.2.1 Compliance with Laws and Regulations: All use of personal information is conducted in compliance with applicable federal and state laws, including HIPAA, which governs the handling of health information. We are committed to maintaining the confidentiality of client information and only use such information in ways that are legally and ethically permissible.
3.2.2 Ethical Standards in Mental Health: In accordance with the ethical standards of mental health practice, particularly those pertaining to confidentiality and client privacy, we exercise the utmost discretion and professional judgment in the use of client information.
4. DISCLOSURE OF INFORMATION
4.1 Circumstances of Information Disclosure
The Company is committed to maintaining the confidentiality of the personal information of our clients. However, there are certain circumstances under which we may disclose information collected:
4.1.1 To Provide Services: We may disclose information to our employees, contractors, and affiliated organizations as necessary to provide the therapy services requested by our clients. For instance, administrative staff may access client contact information to manage appointments.
4.1.2 Legal Requirements: We may disclose personal and health information if required by law or in response to valid requests by public authorities, such as a court or a government agency. This includes complying with legal processes, enforcing our site policies, or protecting ours or others’ rights, property, or safety.
4.1.3 Health and Safety: In situations where client safety or the safety of others is at risk, we may disclose information as permitted or required under ethical standards and laws, such as in cases of a client threatening serious bodily harm to themselves or others.
4.1.4 Third-Party Service Providers: We may engage third-party service providers to perform functions on our behalf, such as billing, data analysis, and IT services. These third parties have access to personal information needed to perform their functions but are not permitted to use it for other purposes.
4.1.5 Business Transfers: In the event that Lana Wimmer Therapy is involved in a merger, acquisition, reorganization, or sale of assets, client information may be transferred as part of the transaction. In such cases, we will continue to ensure the confidentiality of any personal information.
4.2 Consent and Control
4.2.1 Client Consent: Except as otherwise provided in this Privacy Policy, personal information will not be disclosed to third parties without the client’s consent. Clients have the right to withdraw consent at any time, subject to legal, ethical, or contractual restrictions.
4.2.2 Client Control: Clients have the right to control their personal information, including the right to update, correct, or request deletion of their information, subject to necessary exceptions such as retention for legal or ethical reasons.
5. INTERNATIONAL TRANSFERS
5.1 Scope of International Transfers
Given the nature of the Internet and cloud services, personal information collected through the Lana Wimmer Therapy website may be stored and processed in the United States or any other country in which Lana Wimmer Therapy or its affiliates, subsidiaries, or service providers maintain facilities. While Lana Wimmer Therapy is primarily a United States-based entity, we recognize that our online platform may be accessed by users outside of the United States. As such, it is important to note that these countries may have data protection laws that are different from those of the United States.
5.2 Legal Framework and Compliance
5.2.1 Adherence to Legal Standards: In cases of international transfers of personal data, Lana Wimmer Therapy commits to adhering to the legal standards and frameworks that govern data protection in the relevant jurisdictions. This includes compliance with legal mechanisms that provide an adequate level of protection for the transfer of personal information from the European Economic Area (EEA), Switzerland, and other regions with data protection laws, to the United States.
5.2.2 Safeguarding Data in Transfers: We implement appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy and the applicable data protection laws. This may include the use of data transfer agreements based on the Standard Contractual Clauses (SCCs) approved by the European Commission or other relevant authorities for data transfers from the EEA and Switzerland to the United States or other countries.
5.3 Client Consent and Disclosure
5.3.1 Informed Consent: For clients outside of the United States, we obtain informed consent for the international transfer of their personal information, ensuring clients are aware of the potential risks associated with such transfers due to the absence of an adequacy decision and appropriate safeguards.
5.3.2 Transparency in Data Transfers: Lana Wimmer Therapy remains transparent about the international transfer of personal data, including the countries where data is transferred and stored, and the measures taken to protect the data.
6. COOKIES AND TRACKING TECHNOLOGIES
6.1 Introduction to Cookies and Tracking Technologies
Lana Wimmer Therapy employs cookies and various tracking technologies on its website to enhance user experience, gather data for website performance analytics, and for targeted advertising purposes. This section explains how these technologies are used and how users can control their preferences.
6.2 Types of Cookies and Tracking Technologies Used
6.2.1 Essential Cookies: These cookies are crucial for the basic functioning of our website. They enable core functionalities such as security, network management, and accessibility. Disabling these cookies may affect how the website functions.
6.2.2 Performance Cookies: These cookies collect information about how visitors use the website, such as which pages are visited most often. This information is used to improve the website and diagnose problems. The data collected is aggregated and therefore anonymous.
6.2.3 Functional Cookies: Functional cookies allow the website to remember choices users make (such as your user name, language, or region) and provide enhanced, more personal features.
6.2.4 Targeting/Advertising Cookies: These cookies are used to deliver advertisements more relevant to the user and their interests. They are also used to limit the number of times a user sees an advertisement and help measure the effectiveness of the advertising campaign.
6.3 Third-Party Cookies
6.3.1 Use by Third Parties: Our website may also include cookies set by third parties. This includes social media services that have added features to share content or tracking services used by advertising networks. These third parties may use these cookies to track your internet activity.
6.3.2 Management of Third-Party Cookies: The management and deletion of these third-party cookies are subject to the privacy policies and tools of these external services and networks.
6.4 User Consent and Preferences
6.4.1 Obtaining Consent: We seek user consent for the use of cookies where legally required. This consent can be given through various means, such as a cookie banner or a settings function on the website.
6.4.2 Adjusting Preferences: Users have the ability to control and manage their cookie preferences. Most web browsers allow some control of most cookies through the browser settings. Users can set their browsers to reject all or some cookies, to alert when a cookie is being placed on their device, or to delete cookies that have already been set.
6.5 Impact of Disabling Cookies
6.5.1 Functionality Loss: If a user chooses to disable cookies, some parts of the website may not function as intended. Essential cookies are necessary for the website to operate properly, and their removal might diminish the user experience or disable certain functionalities.
6.5.2 Persistent vs Session Cookies: It is important to distinguish between persistent cookies, which remain on the user’s device for a pre-defined period, and session cookies, which are temporary and disappear after the browser session ends.
6.6 Updates to Cookie Policy
6.6.1 Policy Revisions: This Cookies and Tracking Technologies Policy may be updated periodically to reflect changes in our practices or for other operational, legal, or regulatory reasons.
6.6.2 Notification of Changes: Users will be notified of any significant changes to this policy through our website or through other means of communication, such as email, where appropriate.
7. CHILDREN’S PRIVACY
7.1 General Commitment to Children’s Privacy
Lana Wimmer Therapy recognizes the importance of protecting the privacy and rights of children, particularly in the digital environment. This section of the Privacy Policy specifically addresses our approach and practices concerning the collection, use, and disclosure of personal information from children under the age of 13, in compliance with the Children’s Online Privacy Protection Act (COPPA) and other relevant legislation.
7.2 Collection of Information from Children
7.2.1 Direct Collection: We do not knowingly collect personal information directly from children under 13 without obtaining verifiable parental consent, except in cases where such information is necessary for providing therapy services, responding to a one-time request from the child, or ensuring the safety of the child or others as permitted by law.
7.2.2 Indirect Collection: In the event that we inadvertently collect personal information from a child under 13 without parental consent, we will take reasonable steps to delete such information from our records as soon as possible.
7.3 Parental Rights and Controls
7.3.1 Parental Consent and Access: Parents or guardians have the right to consent to the collection and use of their child’s personal information without having to consent to its disclosure to third parties, as per COPPA guidelines.
7.3.2 Review and Deletion: Parents or guardians can review their child’s personal information, direct us to delete it, and refuse to allow any further collection or use of the child’s information. To exercise these rights, parents or guardians should contact us at the contact information provided in this policy.
7.4 Use and Disclosure of Children’s Information
7.4.1 Therapy Services: Information collected from children is primarily used for the purpose of providing therapy services. This includes evaluating the child’s needs and providing appropriate mental health care.
7.4.2 Legal and Safety Requirements: We may disclose personal information of children if required by law or if we believe that such action is necessary to protect the safety of the child, other children, or to respond to government requests.
8. SECURITY MEASURES
8.1 Commitment to Data Security
The security of your personal information is of utmost importance to Lana Wimmer Therapy. We are committed to implementing and maintaining robust technical and organizational security measures designed to protect the personal information we process from unauthorized access, disclosure, alteration, and destruction.
8.2 Security Practices and Protocols
8.2.1 Data Encryption: Personal information is encrypted during transmission and, where feasible, at rest, using industry-standard encryption protocols to provide a secure environment for sensitive data, including health information.
8.2.2 Access Control: Access to personal information is strictly limited to those employees, contractors, and affiliated organizations that need to know that information in order to process it on Lana Wimmer Therapy’s behalf. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
8.2.3 Regular Security Assessments: We regularly review and update our security practices to improve the protection of personal information and ensure compliance with industry standards and legal requirements.
8.2.4 Incident Response Plan: In the event of a data breach, Lana Wimmer Therapy has an incident response plan to promptly and effectively address and mitigate any unauthorized access to personal information.
8.3 User Responsibility
While Lana Wimmer Therapy takes strong measures to protect the security of your personal information, it is also important for users to take steps to protect their information. This includes using strong passwords, not sharing account information, and ensuring a secure internet connection.
8.4 Limitations of Security Measures
No method of transmission over the Internet or electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
9. DATA RETENTION
9.1 Principles of Data Retention
Lana Wimmer Therapy is committed to retaining personal information only for as long as is necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. This section outlines our approach to retaining and deleting personal data, in accordance with applicable laws and professional standards.
9.2 Retention Period
9.2.1 Determining the Retention Period: The retention period for personal information depends on various factors, including the nature of the data, the purposes for which it is processed, and legal or ethical obligations to retain data. For instance, health information related to therapy services is typically retained for a period that is consistent with professional standards for record-keeping in the mental health field, as well as any applicable legal requirements.
9.2.2 Regular Review of Data: We conduct regular reviews of the data we hold and delete or anonymize personal information that is no longer needed for its original purpose or required to be retained by law.
9.3 Data Deletion and Anonymization
9.3.1 Secure Deletion: When personal data is no longer needed, Lana Wimmer Therapy ensures its secure deletion or destruction in a manner that prevents the data from being reconstructed or read.
9.3.2 Anonymization: In cases where the information is used for research or statistical purposes, data may be anonymized, removing all identifiers that link it to an individual, thereby preventing the data from being attributed to a specific person.
9.4 Client Requests for Deletion
9.4.1 Rights to Request Deletion: Clients have the right to request the deletion of their personal data under certain circumstances. Such requests are subject to any legal or ethical obligations that may require us to retain certain information.
9.4.2 Handling of Deletion Requests: Upon receiving a request for deletion, we will assess the request in light of our legal and ethical obligations and respond appropriately. If we are unable to delete the information, we will inform the client of the reasons.
10. YOUR RIGHTS AND CHOICES
10.1 Overview of Client Rights
In accordance with applicable data protection laws, clients of Lana Wimmer Therapy have various rights concerning their personal information. This section outlines these rights and how clients can exercise them.
10.2 Rights to Access and Control Your Information
10.2.1 Access to Information: Clients have the right to access the personal information we hold about them. This includes the right to request and receive a copy of the personal data we have on file.
10.2.2 Correction and Updating of Information: Clients have the right to request that any incorrect or incomplete personal data we hold about them be corrected or updated.
10.2.3 Data Portability: Where applicable, clients have the right to data portability, which allows them to obtain and reuse their personal data for their own purposes across different services.
10.3 Right to Withdraw Consent
10.3.1 Revocation of Consent: Where the processing of personal information is based on consent, clients have the right to withdraw their consent at any time. However, this will not affect the lawfulness of any processing carried out before the withdrawal of consent.
10.4 Right to Object and Restrict Processing
10.4.1 Objection to Processing: Clients have the right to object to the processing of their personal data in certain circumstances, such as for direct marketing purposes.
10.4.2 Restriction of Processing: Under certain conditions, clients have the right to request that the processing of their personal data be restricted. This means the data can still be stored but not further processed.
10.5 Exercising Your Rights
10.5.1 Process for Exercising Rights: Clients wishing to exercise any of these rights can contact Lana Wimmer Therapy directly using the contact information provided in this Privacy Policy. We may request specific information from the client to help us confirm their identity and ensure their right to access their personal data (or to exercise any of their other rights).
10.5.2 Response to Requests: We aim to respond to all legitimate requests within a reasonable timeframe and in accordance with any legal requirements. If the request is particularly complex or if the client has made a number of requests, it may take us longer to respond. In such cases, we will notify the client and keep them updated on the progress of their request.
11. THIRD-PARTY LINKS AND SERVICES
11.1 Introduction to Third-Party Links and Services
Lana Wimmer Therapy’s website may contain links to and from the websites of our partner networks, advertisers, affiliate programs, and other third parties. Additionally, some of our services may involve the interaction with third-party service providers. This section outlines our policy and approach regarding these third-party links and services.
11.2 Interactions with Third-Party Services
11.2.1 Use of Third-Party Services: In the course of providing therapy services, we may utilize various third-party service providers for functions such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance.
11.2.2 Data Sharing with Third Parties: When we engage third-party service providers, we may share personal information with them to the extent necessary for them to provide their services. These third parties are prohibited from using your personal information for any purpose other than to provide these services to Lana Wimmer Therapy, and they are required to maintain the confidentiality, security, and integrity of the personal information.
11.3 Links to Other Websites
11.3.1 External Links: Our website may include links to external websites for your convenience and information. These external websites operate independently from Lana Wimmer Therapy and may have their own privacy notices or policies, which we strongly advise you to review.
11.3.2 Responsibility for External Sites: We do not control and are not responsible for the content of these external sites, their privacy practices, or any damage or loss that may arise from your interactions with these external websites.
11.4 User Awareness and Caution
11.4.1 Awareness of Privacy Policies: Users are encouraged to be aware when they leave our website and to read the privacy statements of any other site that collects personally identifiable information.
11.4.2 No Endorsement of Third Parties: Inclusion of links to third-party websites does not imply an endorsement or recommendation of those websites or the services or products offered on or through those websites.
12. CHANGES TO PRIVACY POLICY
12.1 Policy Updates and Revisions
Lana Wimmer Therapy reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Any changes or updates will be effective immediately upon posting to our website. This section provides information on how we will communicate such changes and the effect of those changes.
12.2 Notification of Changes
12.2.1 Posting on Website: Any changes we make to our Privacy Policy will be posted on this page and, where appropriate, notified to you by email or through a notification on our website.
12.2.2 Continued Use as Acceptance: Your continued use of the Lana Wimmer Therapy website following the posting of changes to this Privacy Policy will mean you accept those changes. We encourage you to periodically review this page for the latest information on our privacy practices.
12.3 Substantive Changes
12.3.1 Significant Changes: In cases of significant changes to our Privacy Policy, especially those that have a major impact on your rights and the way we handle your personal data, we will provide more prominent notice and, where required by law, seek your consent.
12.3.2 Archiving Previous Versions: For your reference and transparency, we may keep prior versions of this Privacy Policy in an archive for your review.
12.4 Client Inquiries and Feedback
12.4.1 Open Communication: We welcome any questions, comments, or concerns about our Privacy Policy or privacy practices. If you have any such inquiries or feedback, please contact us at the information provided in the “Contact Information” section of this policy.
12.4.2 Client Feedback Mechanism: Feedback from our clients is important and helps us to improve our Privacy Policy and the ways we handle personal information. We are committed to engaging with our clients to address their concerns about privacy and data protection.
13. COMPLIANCE WITH SPECIFIC LAWS AND REGULATIONS
13.1 Overview of Compliance Obligations
Lana Wimmer Therapy is committed to adhering to all applicable laws and regulations governing privacy and data protection in the jurisdictions where it operates. This section outlines our approach to compliance with specific laws and regulations that are particularly relevant to our operations and services.
13.2 Compliance with United States Laws
13.2.1 Health Insurance Portability and Accountability Act (HIPAA): As a provider of mental health therapy services, we are subject to the provisions of HIPAA, which sets the standard for the protection of sensitive patient health information. We ensure that all Protected Health Information (PHI) is handled in compliance with HIPAA’s Privacy, Security, and Breach Notification Rules.
13.2.2 Children’s Online Privacy Protection Act (COPPA): We comply with COPPA, which requires the protection of the privacy of children under the age of 13. Our practices around the collection, use, and disclosure of personal information from children are designed to comply with COPPA’s requirements.
13.2.3 State-Specific Privacy Laws: We also adhere to state-specific privacy laws where applicable, such as the California Consumer Privacy Act (CCPA), which grants certain rights to California residents in relation to their personal information.
13.3 International Data Protection Laws
13.3.1 General Data Protection Regulation (GDPR): For clients in the European Union, we comply with the GDPR, which provides robust data protection for individuals within the EU. This includes honoring rights such as access to data, the right to be forgotten, and the right to data portability.
13.3.2 Other International Laws: We recognize that clients may access our services from various international locations, each with its own data protection laws. We endeavor to respect these laws to the extent they apply to our operations.
13.4 Training and Awareness
13.4.1 Employee Training: We ensure that our employees are trained in the principles of data privacy and the specific requirements of the laws and regulations that apply to our services. This training is aimed at fostering a culture of compliance and awareness within the organization.
13.4.2 Continuous Monitoring and Updating: Compliance is an ongoing process, and we continually monitor legal developments in privacy and data protection laws to update our practices and policies as necessary.
14. CONTACT INFORMATION
14.1 Contact Details for Privacy Matters
For any questions, concerns, or comments regarding this Privacy Policy or Lana Wimmer Therapy’s privacy practices, clients and users can contact us using the following details:
Mailing Address: 321 North Mall Drive, Suite M-201, Saint George, UT 84790
Phone: (435) 334-5749
Email: info@lanawimmertherapy.com
14.2 Role of Contact Points
14.2.1 Receiving Inquiries: The provided contact points are dedicated to receiving and addressing any inquiries related to privacy and data protection. This includes questions about client data, requests to exercise rights under applicable laws, and general privacy concerns.
14.2.2 Response and Resolution: We are committed to responding to all inquiries in a timely and professional manner. Our aim is to resolve any issues or concerns to the satisfaction of our clients and in accordance with legal requirements.
14.3 Updating Contact Information
14.3.1 Notification of Changes: Should there be any changes to our contact information, we will update this Privacy Policy and provide notification through our website or other appropriate channels.
14.3.2 Ensuring Accessibility: We ensure that our contact information is easily accessible and available on our website, enabling clients and users to reach us with ease for any privacy-related matters.