Non-personal information we collect: We may also collect non-personal information, such as your IP address, browser type, and the pages you visit on our website. This information is used to analyze and improve our website’s performance.
How we use your information: We may use your personal information to respond to your inquiries, send you newsletters or marketing emails, and provide you with information about our services. We may also use your information to improve our website and our services.
We will not sell, rent, or share your personal information with any third parties, except as required by law or as necessary to provide our services to you. We will obtain your explicit consent before sharing your personal information with any third parties.
How we protect your information: We take reasonable steps to protect your personal information from unauthorized access, disclosure, or destruction. We use industry-standard security measures to safeguard your personal information, and we review our security practices on a regular basis. However, no method of transmission over the internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of your personal information.
You can choose to disable cookies through your browser settings, but this may affect your ability to use certain features of our website.
Third-party links: Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these websites. We encourage you to review the privacy policies of these websites before providing any personal information.
Children’s privacy: Our website is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.
CPRA privacy message: Under the CPRA, California residents have the right to request that we disclose the categories of personal information that we have collected about them, and the specific pieces of personal information that we have collected about them. California residents also have the right to request that we delete their personal information. To exercise these rights, please contact us at email@example.com.
Google Analytics and HIPAA Compliance
We are committed to safeguarding the privacy and security of personal information. When utilizing Google Analytics, we take special care to ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA). Although Google Analytics is not inherently HIPAA-compliant, we have made careful configurations to our setup to prevent any potential violations of HIPAA regulations.
*Our Best Practices Include*:
1. *Avoiding PII and PHI in URLs*: URLs are structured so that no Personally Identifiable Information (PII) or Protected Health Information (PHI) appears.
2. *Data Sharing Restrictions*: We have turned off all data-sharing options within Google Analytics.
3. *IP Anonymization*: IP addresses are anonymized to prevent storing the complete IP address of our users.
4. *No Usage of UserID Feature*: We avoid using the UserID feature to prevent any link to specific individuals.
5. *Exclusion of Sensitive Data*: Filters are in place to prevent the transmission of potential PII or PHI data to Google Analytics.
6. *Data Retention Control*: Data retention settings are adjusted to prevent indefinite storage of user and event data.
7. *Careful Use of Custom Dimensions*: We ensure no sensitive data is captured within custom dimensions or metrics.
8. *Safe Event and Goal Tracking*: Our tracking methods are configured to prevent the capture of any PII or PHI.
9. *Disabling User Explorer Reports*: Detailed individual user journey reports, known as User Explorer reports, are disabled.
10. *Search Query Protection*: We ensure that no PII or PHI can be entered into site search queries or captured by Google Analytics.
11. *Acceptance of Data Processing Amendment*: We have reviewed and accepted Google Analytics’ Data Processing Amendment for added contractual protection.
12. *Routine Audits*: Our team conducts regular checks on our Google Analytics setup to ensure the safety of the data.
13. *Staff Training*: All team members involved with Google Analytics are trained on the importance of data security and HIPAA compliance.
Effective Date: [9/23/2023]