Information Collection, Use, and Disclosure
Categories of Information Collected
Visitor Data: Behavioral Health Solutions collects, uses, and stores data regarding user visits to its website and use of the Behavioral Health Solutions application (“Visitor Data”), including the particular pages visited or viewed by the user, the amount of time the user spent on the website or application, website errors experienced by the user, visits to the Behavioral Health Solutions “FAQ” page, and information about the browser or device used to access the website and application, such as the user’s mobile device ID and IP address. These practices apply to users who visit pages for prospective new customers as well as those who visit pages for prospective providers.
Onboarding Data: In addition to the questionnaire responses provided by users (including providers) in the process of initial registration, Behavioral Health Solutions collects, uses, and stores certain additional data from users during the onboarding process (“Onboarding Data”). This data includes the pages viewed by the user, whether the user clicks the “Get started” link to begin completing the questionnaire, and whether the user responds to any of the questionnaire prompts.
Account Registration Data: Behavioral Health Solutions collects, uses, and stores certain information in connection with the account registration process, such as whether users registered using their Facebook or Google profiles, and whether a user verifies their reported email address or phone number (“Account Registration Data”). Behavioral Health Solutions also assigns each user (including providers) who creates a Behavioral Health Solutions account an anonymized, randomly-generated client ID.
Transaction Data: Behavioral Health Solutions collects, uses, and stores certain information regarding payment for its services by users and related transactions on its website, such as whether a user completed payment for Behavioral Health Solutions’s services, signed up for Behavioral Health Solutions’s services using a trial offer, canceled or otherwise ended a trial, or completed a request to receive financial aid for Behavioral Health Solutions’s services (“Transaction Data”).
Login Data: Behavioral Health Solutions collects, uses, and stores data regarding logins to Behavioral Health Solutions’s Platform by registered users (including providers) and activity conducted during that log in such as when a user logs in, the number of messages received or sent through Behavioral Health Solutions’s website or app during that log in, and whether a user has been assigned, started, or completed a Provider goal (“Login Data”). Login Data does not include the content of any messages sent or received by users or the content of any Provider goals.
Provider Session Data: Behavioral Health Solutions collects, uses, and stores certain general data regarding user provider sessions such as whether a live session has been scheduled by the user, whether a Provider or user joins a scheduled session, when a Provider session began and ended, and whether a Provider session was canceled or re-scheduled.
Customer Data: Behavioral Health Solutions collects, uses, and stores certain data from users that have signed up for Behavioral Health Solutions’s services such as a user’s self-reported name or nickname, age, e-mail address, phone number, and emergency contact information (“Customer Data”).
Provider Data: In order to credential, recredential, run checks and pay providers, Behavioral Health Solutions collects, uses, and stores certain data from providers. This data includes information such as the Provider’s name, e-mail address, and phone number, address, NPI number (if applicable), CAQH number (if applicable) and education and job history (“Provider Data”).
Communications Data: Behavioral Health Solutions collects, uses, and stores communications between users and providers on the Platform, and communications between users and Behavioral Health Solutions’s customer service team (“Communications Data”).
Purposes for Which Information is Used
We may use the information we collect for one or more of the following purposes:
Communication with you
- To contact you or provide you with information, alerts and suggestions that are related to the Platform.
- To verify your identity.
- To complete an activity you requested, such as register for the Platform or obtain more information.
- To reach out to you, either ourselves or using the appropriate authorities, if we have a good reason to believe that you or any other person may be in danger or may be either the cause or the victim of a criminal act.
Delivery of services to you
- To create your account on our Platform and let you log in to your account and use the Platform.
- To manage your account, provide you with customer support, and ensure you are receiving quality service.
- For billing and transaction processing purposes.
- To match users with providers and facilitate the Provider Services.
- To provide, support, personalize, and develop our Platform and the Provider Services.
Administration and improvement of services
- To supervise, administer and monitor the Platform.
- To measure and improve the quality, effectiveness and delivery of our services.
Customization and marketing
- To advertise and market the Platform and Provider Services to potential users and providers.
- To personalize website experience and to deliver content and product and service offerings relevant to individual interests, including targeted offers and ads through our websites, third-party sites, and via email or text message.
Compliance with law
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- To comply with applicable state and federal laws, including, but not limited to laws related to protecting client and public health and safety.
Other uses with consent
- Any other purpose with your consent.
Purposes for Which Information is Disclosed to Third Parties
Information about you may be disclosed to third parties for one or more of the following purposes:
For business purposes and advertising: We may share a user’s information with a Provider and a Provider’s information with a user only as necessary for facilitating the Provider Services. We may also share your information with vendors and service providers, including our data hosting and data storage partners, analytics and advertising providers, and vendors providing technology services and support, payment processing, and data security. We also may share information with professional advisers, such as auditors, law firms, and accounting firms.
With your direction or consent: We may share your information with third parties if you request or direct us to do so.
With affiliates within our corporate group: We may share your information with any subsidiaries or parent companies within our corporate group.
Compliance with law: We may share your information with a court, a regulatory entity, law enforcement personnel, or pursuant to a subpoena, to comply with applicable law or any obligations thereunder.
In the context of a transaction: We may share your information in connection with an asset sale, merger, bankruptcy, or other business transaction.
Note that if you make any information publicly available on the Platform, anyone may see and use such information.
Opting out of Marketing Communication
You can opt out of receiving email marketing by unsubscribing using the unsubscribe link provided in all of our marketing email communications.
Cookies and Web Beacons
Like many websites, we use “cookies” and “web beacons” (also known as pixels) to collect information. A “cookie” is a small data file that is transferred to your computer’s hard disk for record-keeping purposes. We collect cookies that are necessary for the Platform to function, cookies that enhance the Platform’s performance, and cookies used for third-party tracking. A “web beacon” is a tiny and sometimes invisible image or embedded code, placed on a Web page or email that can report your visit or use to a third party. Web beacons are typically used by third parties to monitor the activity of users at a website for the purpose of web analytics, advertising optimization, or page tagging. Additional information regarding web beacons is available on Wikipedia.
You can change your browser’s settings so it will stop accepting cookies or to prompt you before accepting a cookie.
Our Platform also uses analytics vendors to collect information (for example, Visitor Data and Onboarding Data) about user actions on our websites for purposes of analytics and analysis of certain Platform usage.
Social and General Information Tools
Online identity theft and account hacking, including the practice currently known as “phishing”, are of great concern. You should always be diligent when you are being asked for your account information and you must always make sure you do that in our secure system. We will never request your login information or your credit card information in any non-secure or unsolicited communication (email, phone or otherwise).
Security of Information
While using any Internet-based service carries inherent security risks that cannot be 100% prevented, our systems, infrastructure, encryption technology, operation and processes are all designed, built and maintained with your security and privacy in mind. We apply industry standards and best practices to prevent any unauthorized access, use, and disclosure. We comply with all applicable federal laws, state laws, and regulations regarding data privacy.
We may employ third party companies and individuals to facilitate our Platform, to perform certain tasks which are related to the Platform, or to provide audit, legal, operational or other services for us. These tasks include, but not limited to, customer service, technical maintenance, monitoring, email management and communication, database management, billing and payment processing, reporting and analytics. We will share with them only the minimum necessary information to perform their task for us and only after entering into appropriate confidentiality agreements.
We do not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to become our user. The Platform is not directed and not intended to be used by children under the age of 13. If you are aware that we have collected Personal Information from a child under age 13 please let us know by contacting us and we will delete that information.
Compliance with Laws and Law Enforcement
We cooperate with government and law enforcement officials to enforce and comply with the law. We may disclose information necessary or appropriate to protect the safety of the public or any person, to respond to claims and legal process (including but not limited to subpoenas), and to prevent or stop activity that may be illegal or dangerous. You should also be aware that providers may be obliged to disclose information to law enforcement or other authorities to conform to their professional and legal responsibilities. Specifically, and without limitation, you should be aware that the law requires mental health professionals to disclose information and/or take action in the following cases: (a) reported or suspected abuse of a child or vulnerable adult; (b) serious suicidal potential; (c) threatened harm to another person; (d) court-ordered presentation of treatment.
Effective: July 20, 2021