Privacy Policy

Rhythm Wellness Mental Health Counseling PLLC

Last Updated: December 10, 2025

Introduction

Rhythm Wellness Mental Health Counseling PLLC ("we," "us," "our," or "Rhythm Wellness") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website rhythmwellnessnyc.com (the "Website") and use our services.

Please read this Privacy Policy carefully. By using our Website, you consent to the practices described in this policy. If you do not agree with this Privacy Policy, please do not use our Website.

Important Note: This Privacy Policy covers information collected through our Website. For information about how we handle Protected Health Information (PHI) in the context of providing therapy services, please see our separate HIPAA Notice of Privacy Practices, which is provided to all clients at the start of treatment.

1. Information We Collect

1.1 Information You Provide Directly

Contact Forms and Inquiries
When you contact us through forms on our Website or via email, we may collect:

• Name

• Email address

• Phone number

• Message content

• Any other information you choose to provide

Appointment Scheduling
If you schedule an appointment through our Website, we may collect:

• Name and contact information

• Preferred appointment times

• Reason for seeking services

• Insurance information

Newsletter Signup (if applicable)
If we offer a newsletter or mailing list:

• Email address

• Name (optional)

• Preferences for content

1.2 Information Collected Automatically

When you visit our Website, we automatically collect certain information about your device and browsing activity:

Usage Data:

• IP address

• Browser type and version

• Operating system

• Pages visited and time spent on pages

• Referring website

• Date and time of visit

• Device information

Cookies and Tracking Technologies: We use cookies and similar tracking technologies to enhance your experience. See Section 4 for more details.

1.3 Information from Third Parties

We may receive information about you from third-party services we use, such as:

• Analytics providers (e.g., Google Analytics)

• Scheduling platforms

• Payment processors

• Insurance verification services

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 To Provide and Improve Services

• Respond to your inquiries and requests

• Schedule and manage appointments

• Provide mental health counseling services

• Send appointment reminders

• Process payments

• Improve our Website and services

• Analyze usage patterns and trends

2.2 To Communicate With You

• Send you information you requested

• Provide customer support

• Send administrative information (policy updates, service changes)

• Send newsletters or marketing communications (with your consent, and you may opt out)

2.3 Legal and Safety Purposes

• Comply with legal obligations

• Protect our rights and property

• Prevent fraud and enhance security

• Respond to legal requests from law enforcement or government authorities

2.4 Business Operations

• Manage our practice operations

• Conduct research and analysis (in de-identified or aggregated form)

• Evaluate and improve our services

3. Legal Basis for Processing (GDPR Compliance)

If you are located in the European Economic Area (EEA), we process your personal information based on the following legal grounds:

• Consent: You have given explicit consent for us to process your personal information for specific purposes

• Contract: Processing is necessary to fulfill a contract with you (e.g., providing therapy services)

• Legal Obligation: We must process your information to comply with legal requirements

• Legitimate Interests: Processing is necessary for our legitimate business interests, provided these do not override your rights

4. Cookies and Tracking Technologies

4.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember information about your visit.

4.2 Types of Cookies We Use

Essential Cookies
Required for the Website to function properly (e.g., security, session management)

Analytics Cookies
Help us understand how visitors use our Website (e.g., Google Analytics)

Functional Cookies
Remember your preferences and settings

Marketing Cookies (if applicable)
Track your activity to deliver relevant advertising

4.3 Third-Party Cookies

We use the following third-party services that may set cookies:

• Google Analytics: Website usage analytics

• Headway & SimplePractice: Appointment booking functionality

• Ivy Pay: Payment processing

4.4 Managing Cookies

You can control cookies through your browser settings:

• Chrome: Settings > Privacy and Security > Cookies

• Firefox: Settings > Privacy & Security > Cookies

• Safari: Preferences > Privacy > Cookies

• Edge: Settings > Cookies and Site Permissions

Please note that disabling cookies may affect Website functionality.

Opt-Out Links:

• Google Analytics: https://tools.google.com/dlpage/gaoptout

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

• Website hosting providers

• Analytics services (e.g., Google Analytics)

• Appointment scheduling platforms

• Payment processors

• Email service providers

• Insurance verification services

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Court orders or subpoenas

• Government or law enforcement requests

• Legal proceedings

• Protection of our rights or property

• Prevention of fraud or illegal activity

5.4 With Your Consent

We may share your information with third parties when you give us explicit consent to do so.

5.5 Protected Health Information (PHI)

For clients receiving therapy services, the sharing of Protected Health Information is governed by HIPAA and our HIPAA Notice of Privacy Practices. PHI is subject to stricter protections than information collected through this Website.

6. Data Security

We implement reasonable security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (SSL/TLS)

• Secure servers and hosting

• Access controls and authentication

• Regular security assessments

• Staff training on privacy and security

However, please note: No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Do Not Send Sensitive Information: Do not send sensitive personal information, protected health information, or confidential communications through unsecured email or contact forms. Use our HIPAA-compliant client portal for such communications.

7. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

General Website Information: We typically retain website usage data and contact form submissions for up to 3 years, or as needed for business purposes.

Client Records: For individuals who become therapy clients, we retain clinical records in accordance with New York State law and professional standards (typically 6 years after the last date of service for adults, longer for minors).

Deletion Requests: You may request deletion of your information as described in Section 9 (Your Rights).

8. Third-Party Websites

Our Website may contain links to third-party websites, including:

• Mental health resources

• Crisis hotlines

• Professional organizations

• Social media platforms

We are not responsible for the privacy practices of these third-party websites. We encourage you to review their privacy policies before providing any information.

9. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

9.1 Access and Portability

You may request a copy of the personal information we hold about you.

9.2 Correction

You may request that we correct inaccurate or incomplete information.

9.3 Deletion

You may request that we delete your personal information, subject to certain exceptions (e.g., legal obligations, active therapy relationships).

9.4 Restriction

You may request that we limit how we use your information.

9.5 Objection

You may object to our processing of your information for certain purposes.

9.6 Opt-Out of Marketing

You may opt out of receiving marketing communications by:

• Clicking "unsubscribe" in emails

• Contacting us at info@rhythmwellnessnyc.com

• Calling 646-875-8927

9.7 How to Exercise Your Rights

To exercise any of these rights, please contact us:

• Email: info@rhythmwellnessnyc.com

• Phone: 646-875-8927

• Mail: 224 W 35th St Ste 500 #652, New York, NY 10001

We will respond to your request within 30 days. We may need to verify your identity before processing your request.

10. Children's Privacy

Our Website and services are not intended for children under the age of 18. We do not knowingly collect personal information from children under 18 through our Website.

If you are a parent or guardian and believe we have collected information about a child, please contact us immediately, and we will delete the information.

Note: When providing therapy services to minors, we collect and maintain information as required by law and professional standards, with appropriate parental consent. This is governed by our HIPAA Notice of Privacy Practices and informed consent documents.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

11.1 Right to Know

You have the right to request:

• Categories of personal information we collect

• Sources of personal information

• Business purposes for collecting information

• Categories of third parties with whom we share information

• Specific pieces of personal information we hold about you

11.2 Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions.

11.3 Right to Opt-Out

We do not sell personal information. If we ever do in the future, you will have the right to opt out.

11.4 Right to Non-Discrimination

You have the right to not receive discriminatory treatment for exercising your CCPA rights.

11.5 How to Exercise CCPA Rights

Contact us at info@rhythmwellnessnyc.com or 646-875-8927. We will verify your identity and respond within 45 days.

12. Nevada Privacy Rights

If you are a Nevada resident, you have the right to opt out of the sale of your personal information. We do not sell personal information. If this changes, we will update this policy and provide a method to opt out.

13. International Data Transfers

Our Website is hosted in the United States, and our services are intended for individuals located in New York State. If you access our Website from outside the United States, your information will be transferred to, stored in, and processed in the United States.

By using our Website, you consent to the transfer of your information to the United States, which may have different data protection laws than your country of residence.

14. Do Not Track Signals

Some browsers have "Do Not Track" (DNT) features. Our Website does not currently respond to DNT signals. We will update this policy if we implement DNT response functionality in the future.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The "Last Updated" date at the top indicates when this policy was last revised.

15.1 Notification of Changes

For material changes, we will:

• Post a notice on our Website homepage

• Send an email notification (if you have provided your email address)

• Update the "Last Updated" date

15.2 Your Continued Use

Your continued use of our Website after changes are posted constitutes your acceptance of the updated Privacy Policy.

16. HIPAA Notice of Privacy Practices

This Privacy Policy applies to information collected through our Website. For information about how we handle Protected Health Information (PHI) when providing therapy services, please see our separate HIPAA Notice of Privacy Practices, which:

• Explains how we use and disclose your health information

• Describes your rights under HIPAA

• Outlines our legal obligations

• Is provided to all clients at intake

The HIPAA Notice provides additional protections for your health information beyond what is described in this general Website Privacy Policy.

17. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Rhythm Wellness Mental Health Counseling PLLC
224 W 35th St Ste 500 #652
New York, NY 10001

Phone: 646-875-8927
Email: info@rhythmwellnessnyc.com

Office Hours: [Insert your office hours]

18. Complaints

If you believe we have violated your privacy rights or disagree with a decision we made about your information, you may file a complaint with:

U.S. Department of Health and Human Services
Office for Civil Rights
Website: https://www.hhs.gov/ocr/complaints
Phone: 1-800-368-1019

You may also contact the New York State Attorney General's office or other relevant regulatory authorities.

We will not retaliate against you for filing a complaint.

Acknowledgment

By using our Website, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.