Privacy Policy

Last updated: September 18, 2024

This Privacy Policy applies to information collected by  Mindful Mental Wellness, P.A. (FL), Mindful Mental Wellness, P.C. (CA), Mindful Mental Wellness P.A. (KS), and Mindful Mental Wellness P.C. (NJ) (the “Medical Groups”), and its parents, subsidiaries, affiliates, and the medical practices it supports (collectively, “MMW,” “we,” “our,” or “us”), in connection with the telehealth service we provide. This includes information collected online through our websites, mobile applications, other online communications, through healthcare provider visits, or other medical services (collectively, our “Services”).

This Privacy Policy explains how information may be collected, used, or disclosed through our Services. This Privacy Policy is incorporated into the Terms of Use of our Services. By using our Services, you are accepting the Privacy Policy and Terms of Use. Additional terms may apply depending on the Services you use.

Thank you for choosing to be part of our community at MMW. We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at support@getmindfulhealth.com.

This Policy does not describe how we collect or use your Protected Health Information (as defined by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), which such collection and/or use is covered by our Notice of Privacy Practices (“Notice of Privacy Practices”).  The Notice of Privacy Practices describes how MMW may use and disclose your Protected Health Information. If you do not agree to be bound by those terms, which are available below, you are not authorized to access or use MMW’s Services:

Notice of HIPAA Privacy Practices

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.

1. WHO DOES THIS POLICY APPLY TO?

This Policy applies to any visitors to the public portions of MMW’s websites (including www.getmindfulhealth.com and futurehealth.ai) and apps, users who create accounts on our platform (“Members“), and medical providers who are using the Platform to deliver Services.

This Policy does not apply to the collection and use of information for employees or independent contractors (not including medical providers) of MMW.

2. WHAT INFORMATION DO WE COLLECT ABOUT YOU?

The information we collect about you depends on the context and your relationship with MMW, but may include the following categories:

We collect personal information that you voluntarily provide to us when registering for or using MMW’s Services, when you express an interest in obtaining information about us or our Services, or otherwise contact us. This information may include your name, address, contact email information, passwords, and payment information.

We collect data about your health, medical records, financial information (e.g., credit card number) that you provide in connection with the Services.

We collect passwords, password hints, and similar security information used for authentication and account access.

We collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument.

We automatically collect certain information when you visit, use or navigate the Services or Apps. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services or Apps and other technical information. This information is primarily needed to maintain the security and operation of our Services or Apps, and for our internal analytics and reporting purposes, and as otherwise described herein.

If you use our Apps, we may also collect the following information:

We may use “cookies,” “web beacons” or “pixels” that collect certain information about you.

A “cookie” is a small data file that is accessible within a folder on a computer, and it is used for record-keeping purposes. Cookies are used to enhance performance of the Platform, personalize your experience and can be used for Third Party tracking (as described above). For example, cookies may be used to help you quickly log into certain platforms and websites without having to enter your credentials every time.

A “web beacon” or “pixel” is a tiny and sometimes invisible image or embedded code, placed on a web page or email that can report your visit or use to a third party. In general, these tools can be used to monitor the activity of users for the purpose of web analytics, advertising optimization, or page tagging.

3. HOW DO WE USE YOUR INFORMATION?

We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or for marketing and promotional purposes with your consent. In this Privacy Policy, “process” means collecting, storing and using certain data as described in more detail below. Specific uses include:

WE DO NOT USE ANY PROTECTED HEALTH INFORMATION, MEDICAL DATA OR INFORMATION OBTAINED DURING SESSIONS WITH MEDICAL PROVIDERS FOR MARKETING PURPOSES.  HOWEVER, THE FACT THAT YOU VISITED XXX’S WEBSITE MAY INDICATE THAT YOU HAVE AN INTEREST IN ADHD SERVICES, WHICH MAY RESULT IN PERSONALIZED OR TARGETED ADVERTISING BASED ON YOUR BROWSING BEHAVIOR.

4. WILL YOUR INFORMATION BE SHARED WITH ANYONE?

Depending on the circumstances and as set forth in more detail below, we may share your data for a variety of reasons, including compliance with legal requirements, providing you Services and, with your consent, for advertising.

Your data may be shared to comply with applicable laws and regulations. For example, a court might subpoena information from us where we would be required to share certain information requested in the subpoena. In many cases, MMW does not have a choice as to whether it is required to provide certain information, nor does it necessarily have an obligation to inform you if it produces records to comply with a legal request.  This is not unique to MMW, and applies to all providers of medical services.  Further, there are many states that have strict rules governing provider-patient relationships in a telehealth context, and the confidentiality requirements associated with that.  MMW ensures that all employees who handle requests for data from law enforcement or regulatory bodies are bound by confidentiality.

We may share certain data with third parties necessary to provide the best possible Services experiences.  Examples include: data hosting and storage providers (like Amazon Web Services or Google Cloud Platform); technology service providers (like Slack or G-Suite); customer service providers (like ZenDesk); billing and payment processing service providers (like Square or PayPal).

If you opt in, we may use analytics from cookies or web beacons to process data for activities including but not limited to analyzing traffic sources, visits, and site interactions. This analysis helps us to improve our products and services and provide the best possible experience for our users.

In order to reach people who may be looking for ADHD treatment, we advertise on some third-party websites and apps. To deliver ads that are relevant, interesting, and personal, if you opt in, we may use cookies, web beacons, IP addresses or other third-party identifiers to process information regarding your activity on our websites, excluding protected health information, for such purposes, including “re-targeting.”

5. HOW LONG DO WE KEEP YOUR INFORMATION AND HOW DO I REQUEST ERASURE?

We keep your information for as long as necessary to fulfill the purposes outlined in this privacy policy unless otherwise required by law*.* We are not required to keep your personal information for longer than the period of time in which users have an account with us or, if longer, the period of time required by applicable law.

Depending on where you live, you may have certain rights under data protection laws, including the right to request that we erase personal data we hold about you, and the right to request a copy of it. The following sections describe how you can exercise those rights.

MMW takes requests for data erasure seriously, and requires that requests for erasure comply with the following requirements:

In some circumstances, legal or regulatory requirements limit our ability to honor erasure requests. Examples include: if the data is subject to legal hold; if it is necessary to comply with laws and regulations and to maintain business integrity; or if such data pertains to a dispute between you and MMW. Protected health information, including medical records, may not be erased under federal law.

If, for any reason, we don’t intend to comply with a request, then we will tell you why this is the case, and outline how we weighed your rights and freedoms against our legal obligations. In such instances, any information retained will only be used for purposes contemplated under the legally recognized exemption.

6. HOW DO WE KEEP YOUR INFORMATION SAFE?

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process, including HIPAA-compliant measures where necessary.. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services or apps is at your own risk. You should only access the services within a secure environment. In the very unlikely event that a data breach occurs, we will notify you in compliance with our Notice of Privacy Practices and applicable law.

7. DO WE SELL YOUR DATA?

We will never provide your data to a third party in exchange for monetary or other compensation.

However, California law defines “sale” or “sell” to include the sharing of personal information in exchange for anything of value. If you opt in to our use of advertising cookies and web beacons, this use may be considered a “sale” of personal information in California.****

8.  DO WE COLLECT INFORMATION FROM MINORS?

In very limited circumstances, our Services may include online services that will be used to facilitate care for minors. Children under the age of 18 are not eligible to register directly for an account. If your child directly uses their account, either with or without your permission, we may collect information directly from the child. If you prefer for your child to not directly interact with MMW online, please do not provide account credentials to your child. Please note certain state patient privacy laws may permit a child to directly obtain certain types of health care services independent of their parent or guardian. Children’s online privacy is of the utmost importance to MMW, and MMW operates in strict compliance with the Children’s Online Privacy Protection Act (“COPPA”). For more information about COPPA and general tips about protecting children’s online privacy, please click here.

Minors cannot directly register for our Services. During the user registration process, the parent or guardian will create a minor’s profile by providing certain information about the minor, including name, birth date, and gender but the child will not have their own login.

Other than for providers to provide Services to a minor (with parental or guardian consent), MMW will not knowingly communicate with a minor through the messaging functionality on our platform. If a minor contacts our Services via the messaging functionality and discloses their age, we will discontinue the communication immediately.

We only collect necessary and legally required personal information from children under the age of 13 after obtaining consent from the minor’s parent or legal guardian to treat the minor through our Services. If you are under 13 years of age, then please do not use or access the Services at any time or in any manner without the supervision of a parent or legal guardian. If we learn that a person under 13 years of age has used or accessed the Services or any personally identifiable information has been collected on the Services from persons under 13 years of age without a parent or legal guardian’s consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 13 years of age has obtained an account on or otherwise accessed the Service without your consent, then you may alert us at support@getmindfulhealth.com and request that we delete that child’s personally identifiable information from our systems.

We may share information with clinicians if necessary for them to perform business, professional, or technology services for us, always in accordance with all applicable State and Federal laws including HIPAA.  We may also disclose data as required by applicable law or regulation (See Section 4).

In addition to your right to revoke your consent for the collection of your child’s personal information, you may request to review and/or erase the personal information we have collected about your child by emailing us at support@getmindfulhealth.com

9. HOW DO I CHANGE MY PRIVACY PREFERENCES?

You may terminate your account at any time by emailing support@getmindfulhealth.com . Upon account termination, MMW will handle your data in a manner consistent with this Privacy Policy.

Whether you are an active Member or not, you can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send. You will then be removed from the marketing email list.  Please note, however, we will still need to send you service-related emails that are necessary for the administration and use of your account and the Services.

You can, at any time, opt out of some or all non-strictly necessary cookies and web beacons by updating your cookie settings through the Privacy Preference Center

10. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.

11.  DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

Under the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”), California residents have certain rights in addition to those outlined in this Privacy Policy, including notice about the categories of personal information we have collected and processed from them in the preceding twelve (12) months and the purposes for which the information is used or disclosed, and correction of personal information.

As defined by California law, we may process the following categories of information, as further set forth in this Privacy Policy.

California residents may request the information we have collected and processed about them over the preceding 12 months and, if any personal information is found to be inaccurate, may request that such information be corrected by emailing us at support@getmindfulhealth.com.

You may request deletion of your information as set forth in this Privacy Policy (in particular, Section 5).  Once your request is received and verified, we’ll delete your information consistent with our legal obligations and this Privacy Policy. with our legal requirements and retention policies. Reasons we may not delete information include:

California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

12. DO WE MAKE UPDATES TO THIS POLICY?

We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

13. HOW CAN YOU CONTACT US ABOUT THIS POLICY?

If you have questions or comments about this policy, you may email us at support@getmindfulhealth.com.