COLLECTION AND USE OF PERSONAL INFORMATION
We collect information, including personal information from you when you register for a Member account or a Facilities account, when you utilize our User email or telephone referral service, when you register for a workshop or event, when you subscribe to a newsletter or blog, when you submit a question, or when you provide your information to us directly through any Empathie, LLC Service. For purposes of this policy, “personal information” refers to any information about an identified or identifiable individual, including financial account information and Protected Health Information (PHI/ePHI).
We collect personal information from and about Members and Facilities through paid Empathie, LLC Services, and publish that information in public directories. We collect personal information from and about consumers and other individuals who as free Users of the Sites submit their information for a specific purpose; and we utilize that information to fulfill the Users’ request.
By providing information to us through any Empathie, LLC Services, consumers consent to our collection of such information and our sharing of that information with a Member or Facility as set forth in this policy. Users, Members, and Facilities certify that in all cases where personal information is submitted via Empathie, LLC Services that the disclosure does not violate the PCI DSS, HIPAA, GDPR, or any other law or regulation.
We generally collect and use information as follows:
From Members with a Paid Empathie, LLC Account
To obtain an Empathie, LLC Paid Member Account, you must provide contact information (name, address, phone number, and email address) in addition to other personal information and information about your practice, and payment information to authorize automatic recurring billing for your membership fees. You represent and warrant that you have the right to provide Empathie, LLC with any information, content, data, or materials provided by you, and that the disclosure does not violate the PCI DSS, HIPAA, GDPR, or any other law or regulation.
We use your personal information to administer your account, to send you messages about referrals you have received from our Sites, to send you information related to subscriptions you have signed up for via the Sites, and to send you information about our company and your account. We use the information you provide about your mental health practice as part of the public Empathie, LLC Therapist Directory, all or part of which may be further distributed to the Empathie, LLC Network of third-party sites. Note that as this is public information, Empathie, LLC has no control over how third parties may utilize this information.
We use billing and financial information (bank account numbers/credit card numbers) to process recurring membership fees and other fees as applicable, via third-party payment processors. Empathie, LLC does not store any bank account or credit card information in its own systems. All payment card data and bank account data are stored by our third-party vendors who are contractually required to be PCI Compliant and to adhere to all NACHA rules for ACH payment processing.
We may use your personal information to send you promotional products and information about Empathie, LLC, the Sites, and/or on behalf of our parent company, partner companies, subsidiaries, and affiliates. We may also create anonymous records from personal information by excluding information (such as your name) that makes the information personally identifiable to you. We may use this anonymous information to direct future development, including but not limited to analyzing usage patterns so that we may enhance our services, and providing reports based on anonymous non-personal information.
From Consumer Users accessing and utilizing Empathie, LLC Sites and Services
Any Personal Information we collect about a consumer or other individual is used solely for the purpose of providing Empathie, LLC Services or as otherwise set forth herein.
When a User sends an email to a Member or Facility through the Sites, the User’s name, phone number, email address, and message is recorded as part of the transmission process. This information is utilized by Empathie, LLC for purposes of administering the Sites and Services, including but not limited to moderating for spam or other content that is in violation of our Terms of Service for Users. This information is also provided to the Member or Facility to which the User directs the email. When the Member or Facility has been contacted, the User is notified via the provided email address.
When a User calls a Member or Facility through the telephone number posted on the Sites, standard caller identification information is collected including the caller’s phone number and the name to which the line is registered. This information is shared with the Member or Facility to which the User directs the call, and it is stored by Empathie, LLC for use in administering its Services.
When a User registers (or attempts to register) for a public event, workshop, web conference, or public non-professional membership, Empathie, LLC stores all information entered on the registration form, regardless of whether the registration is successful. This information may be used by Empathie, LLC for communicating with you about the registration, for administering our Services, and for internal analysis of site usage, and sales and marketing campaigns. In some cases (as disclosed on the registration page) this information is shared with the third party sponsoring the public event, workshop, web conference, or membership.
When a User subscribes to the Empathie, LLC newsletter or blog (including but not limited to the Empathie, LLC Newsletter, and the Find Empathie Blog), Empathie, LLC collects and stores the User’s email address. The User’s email address is used to send newsletters, blog posts, blog comment summaries, and other information based on the selections made by the User. Additionally, Empathie, LLC may use the email address of any subscriber to send occasional email updates on helpful resources related to therapy and counseling.
When a User posts a comment to the Empathie, LLC blog (including but not limited to the Find Empathie Blog) we store the User’s name, email address, and comment text. Users understand that any information submitted via a blog comment form may be made public in any form (including but not limited to any edits deemed appropriate by Empathie, LLC) at the sole discretion of Empathie, LLC. The email address provided will be used to acknowledge the submission and to communicate with the User regarding the submission. Users submitting comments to a blog post represent and warrant that the disclosure of any information, content, data, or materials provided is properly authorized, anonymized where necessary, and does not violate the HIPAA, GDPR, or any other law or regulation.
When a User submits a question via the “Contact Us” form, the User’s email address, selected nickname, and full text of the question is stored by Empathie, LLC. This information may be shared with Empathie, LLC Members and/or Facilities, and may be made public in any form (including but not limited to any edits deemed appropriate by Empathie, LLC) at the sole discretion of Empathie, LLC. The email address provided will be used to acknowledge the submission and to communicate with the User regarding the submission. Users submitting content via the “Contact Us” form represent and warrant that the disclosure of any information, content, data, or materials provided is properly authorized, anonymized where necessary, and does not violate the HIPAA, GDPR, or any other law or regulation.
When a User submits a personal story via the “Submit Your Story” form, the User’s email address, name, biography, submitted photos, and full text of the story submission is stored by Empathie, LLC. This information may be shared with Empathie, LLC Members and/or Facilities, and may be made public in any form (including but not limited to any edits deemed appropriate by Empathie, LLC) at the sole discretion of Empathie, LLC. The email address provided will be used to acknowledge the submission and to communicate with the User regarding the submission. Users submitting content via the “Submit Your Story” form represent and warrant that the disclosure of any information, content, data, or materials provided is properly authorized, anonymized where necessary, and does not violate the HIPAA, GDPR, or any other law or regulation.
Additionally, to make our Sites more useful to you, and to adhere to the PCI DSS, HIPAA, GDPR, and other applicable laws and regulations our servers (which may be hosted by a third-party service provider) collect personal information and other data from you, including (without limitation) browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to your computer when you use the internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit. Like most internet services, we automatically gather this information and store it in log files each time you visit our website or access your account on our network.
We may also create anonymous records from Personal Information by excluding information (such as name) that makes the information personally identifiable to a specific consumer or other individuals. We may use this anonymous information for certain business purposes of Empathie, LLC, its subsidiaries or affiliates, including but not limited to, directing future development efforts, analyzing usage patterns so that we may enhance our services, and providing reports based on anonymous non-personal information. We may also use anonymized PHI/ePHI as authorized by HIPAA.
COOKIES AND SIMILAR TECHNOLOGIES
Certain portions of our Services may collect information via cookies, web beacons, pixel tags, and similar digital tracking technologies. These technologies can be used to collect and analyze other information related to the devices you use to access the Services, such as IP addresses, browser types, browser language, unique device identifiers, and other information about your computer(s) and/or mobile device(s).
We may also use these technologies to log click-stream or similar data collected from certain portions of our Sites. Generally, this information is collected when you request pages from our Sites, and typically includes information such as the page served, the time, the source and type of browser making the request, the most recent page view, what you clicked on in order to arrive at our Sites, the content you viewed on our Sites, and other similar information relating to your use of our Sites.
We typically use these cookies and similar technologies for essential and functional purposes (e.g. to maintain an active session), to improve the performance and usability of our Sites, and to analyze how users interact with the Services (e.g. to understand how long users stay on a page, how often they return, and how they arrived at our Site). On certain portions of our Sites, we may collect data through these technologies for advertising, remarketing, or other similar purposes. Click-stream and related data are typically used for purposes of system administration, to improve our Services, for marketing and advertising-related purposes, and other similar uses.
When You Contact us Through the Services
When you submit an online “contact us” or other online inquiry form, or when you call, write, fax or otherwise initiate contact with Empathie, LLC, we record your contact information (name, address, phone number, email address, and topics, therapist type, or facility type of interest) in our systems. This information is used for answering your questions, connecting you with a Member or Facility, as well as ongoing marketing communication programs. In some cases, you may be referred to Empathie, LLC online inquiry form via a link on a third party referral website. In that case, any information collected on the Empathie, LLC hosted online inquiry form may be shared with the referring party, and that referring party may use it for their own, non-Empathie, LLC related marketing communication programs. If you exchange any messages through our Sites or through our Services, we may store those as well.
From Online Surveys
We may occasionally ask Users, Members, and Facilities to complete optional online surveys. These surveys may ask for contact information and demographic information (like zip code, age or income level). We may use this data to tailor the experience on the Sites, provide content that we think might be of interest, and to display content according to a User’s, Member’s or Facility’s stated preferences. We sometimes use contact data from our surveys to send information about our company and/or promotional material on behalf of our parent company, partners, subsidiaries or affiliates.
LINKS TO THIRD-PARTY WEBSITES
HOW WE SHARE INFORMATION WITH THIRD PARTIES
If you use the Services to contact a Member or Facility via email or phone, we may grant access to or share with the Member or Facility any and all information we collect as part of that communication, including Protected Health Information (PHI/ePHI), except where that disclosure is prohibited by law, regulation or other obligations (e.g. for data security).
Finally, in extraordinary circumstances, we may share any personal or other information we possess, including but not limited to credit card and other financial account information, Protected Health Information (PHI/ePHI), and content submitted via any form on the Sites, when necessary or appropriate to comply with the law; cooperate with law enforcement or national security requirements; prevent physical harm to one or more individuals or serve the interest of public safety; respond to lawful requests; comply with law or credit card rules; participate in a lawful federal, state or local government investigation; protect the rights of Empathie, LLC, Empathie, LLC Users and members; or to investigate violations of or to enforce our Terms of Service. However, in doing so, we may: (i) dispute demands for release to the extent we believe, in our sole discretion, are unwarranted, illegitimate or overbroad; and (ii) when we determine that it is necessary or appropriate, we will notify you of any requests for release.
In all cases where we share Personal Information with third parties, we will use a “minimum necessary” standard to disclose only that information required to perform the service for which the information is disclosed.
DATA RETENTION POLICY, MANAGING YOUR INFORMATION
We will retain personal information for as long as you remain an active Empathie, LLC User, or Membe, and for a reasonable time thereafter.
We may store for as long as a valid business reason exists, which may be indefinite, any Personal Information, including but not limited to Protected Health Information (PHI/ePHI), collected about a consumer or other individual, whether entered directly into our systems via the Sties by the consumer, or entered by an authorized Empathie, LLC staff member, authorized Member User, or authorized Facility User.
We may retain anonymized and aggregate data indefinitely.
Upon termination of a contract with a Covered Entity, we will remove any ePHI stored in our systems on behalf of that Covered Entity where required by applicable law.
Empathie, LLC takes security very seriously and has security measures in place designed to protect against the loss, misuse and alteration of the information under our control. Our platform uses the most powerful security tools that exist in the marketplace.
The Empathie, LLC Sites, including hosted web forms, utilize secure SSL for all form data submissions in conjunction with a 256-bit GlobalSign certificate but accommodate the majority of browsers at 128-bit encryption.
Empathie, LLC does not directly store, process, or transmit bank account and credit card information. All payment processing, and collection of payment account data, is accomplished via an integration with third-party service providers. These providers are contractually required to maintain compliance with the PCI DSS – Payment Card Industry Data Security Standards, and with all NACHA rules for ACH transaction processing. This includes secure transmission of credit card/bank account information and encrypted storage of all payment account information.
You may opt-out of receiving marketing communications from us by following the opt-out instructions we include in such communications.
You may unsubscribe from any Empathie, LLC newsletter or blog by following opt-out instructions we include in such communications, or by completing the unsubscribe form on our website.
To the extent required by law, you may choose to opt-out of sharing with any other parties with whom we may share your personal information; however, you may be unable to use the Services or certain features if you wish to limit such sharing.
ACCESSING, CORRECTING AND DELETING YOUR INFORMATION
Empathie, LLC acknowledges the right of individuals to access their personal data. If you are a Member or Facility, you may access and modify your personal and other account information using your account settings page. You may also access, change and modify information previously provided or collected by sending an email to Empathie, LLC at firstname.lastname@example.org, LLC to initiate changes or modifications or to obtain a file for review. Note that Empathie, LLC will require you to verify your identity prior to releasing any personal information.
You may close your Empathie, LLC member account by contacting Empathie, LLC Customer Care at support@Empathie.com
Further, you may request that your personal information be removed from all Empathie, LLC systems. This request must be made in writing to the address provided below. Note that if you request removal of your personal information you will no longer have access to any existing Empathie, LLC account and will not be able to use any Empathie, LLC product or service. Empathie, LLC reserves the right to retain certain account information for its recordkeeping or compliance purposes.
If you are a User who utilized Empathie, LLC Services to contact or otherwise submit information to a Member or Facility, you must contact that provider/company directly to request that the Member/Facility provide you with access to the Personal Health Information (PHI/ePHI) stored in Empathie, LLC systems on its behalf, that it make changes to that ePHI, and/or that the ePHI be deleted from Empathie, LLC systems. Additionally, any Member or Facility that has received your personal information or PHI/ePHI via Empathie, LLC Services may have stored it in systems outside of Empathie, LLC. In these situations, you must contact the Member or Facility independently and request access to your personal information, correction of your personal information, and/or deletion of your personal information. Empathie, LLC has no control over the data retention and removal policies of its Members or Facilities, and can in no way guarantee the security, accuracy, or privacy of data once it leaves our environments.
Note that using the system delete function to remove any data, or to remove any personal data associated with your Member or Facility account, only restricts viewing that data from any system interface and prevents utilizing that data for any system function. It does not permanently delete the data from Empathie, LLC systems. To have any personal data permanently deleted from Empathie, LLC systems, you must make an official request in writing, to the address provided below or by emailing privacy@Empathie.com, LLC, that includes the specific information that you would like permanently deleted from Empathie, LLC systems. Note that Empathie, LLC will require you to verify your identity prior to executing any request to permanently delete data.
California residents may request and obtain from us a list of what personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. You may make one request each year by contacting us as set forth below.
If you have any questions or concerns, please contact Empathie, LLC by email at privacy@Empathie.com. We will do our best to address your concerns. If you feel that your complaint has been addressed incompletely, we invite you to let us know for further investigation. If we are unable to reach a resolution to the dispute, you and Empathie, LLC will settle the dispute exclusively as set forth in the Terms of Service as applicable.
A NOTE ABOUT CHILDREN
We do not intentionally gather information about visitors who are under the age of 18. If you are under the age of 18 you should not use our Sites or Services.
With respect to EU Personal Data (as defined in our Terms of Service), Empathie, LLC (i) processes Personal Information provided as part of a Member or Facility account and related registration information, and User information provided in connection with the Empathie, LLC Services as necessary to complete a contact, contract or transaction requested by the data subject, and for the legitimate interests of Empathie, LLC and its Members and Facilities, specifically in relation to fraud prevention, identity theft protection, and other security measures, and for internal/administrative purposes; (ii) may process Personal Information for the legitimate interests of Empathie, LLC (with respect to User, Merchant, and Facility EU Personal Data) relating to direct marketing; and (iii) processes Personal Information from automatic website collection (e.g. IP addresses), cookies and similar tracking technologies in accordance with data subjects’ consent, except in the case of essential and functional cookies or and IP addresses which are processed for Empathie, LLC’s legitimate interests in analyzing, improving and administering the Services, e.g. by delivering a web page or analyzing aggregate web traffic to our Services.
GDPR RIGHTS FOR EU USERS, MEMBERS, AND FACILITIES
Empathie, LLC takes the protection of your privacy and confidentiality very seriously. We understand that all visitors to our Sites are entitled to know that their personal data will not be used for any purpose unintended by them, and will not accidentally fall into the hands of a third party. We undertake to preserve the confidentiality of all information you provide to us. However, Empathie, LLC cannot be responsible for ensuring the security, accuracy, or privacy of your data once it leaves our environments (as directed by Users, Merchants, and Facilities utilizing the Services).
GDPR requires us to tell you about your rights and our obligations to you in regards to the processing and control of your personal data. We do this now, by requesting that you read the information provided at www.knowyourprivacyrights.org.
Find Empathie, LLC
Glen Arm, MD 21057
Last Update: 04-20-2020