PRIVACY POLICY
Your privacy is important to us. This Privacy Policy explains how Idyllium Behavioral Health (“Idyllium,” “we,” “our,” or “us”) collects, uses, shares, and protects your personal information when you use our services, including our website, telehealth platform, and future in-person services.
By using our services, you consent to this Privacy Policy.

1. INFORMATION WE COLLECT
We collect personal information to provide you with safe, effective, and personalized mental health care. The types of information we collect include:

a. Information You Provide Directly:

• Name, date of birth, and contact details (email, phone, address)

• Health information, including your medical history, medications, and details you provide during consultations

• Payment information (if paying privately)

• Insurance details (if applicable)

• Communications with our team (emails, messages, or phone calls)

b. Information We Collect Automatically:

• Device information (IP address, browser type, operating system)

• Usage data (pages visited, time spent, navigation patterns)

c. Information from Third Parties:

• Insurance providers

• Healthcare providers involved in your care

• Technology services we use for telehealth and billing

We collect only what is necessary to provide you with care and operate our services.

2. HOW WE USE YOUR INFORMATION
We use your information to:

• Provide mental health services (telehealth and in-person)

• Comply with legal and regulatory requirements (HIPAA and state laws)

• Manage appointments and communicate with you

• Process payments and insurance claims

• Improve and personalize your experience

• Maintain the security of our services

• Send administrative updates, like policy changes or service updates

We do not sell your personal health information to third parties.

3. SHARING YOUR INFORMATION
We may share your information in the following circumstances:

• With your consent or at your direction

• With healthcare providers involved in your care

• With service providers who help us operate our platform (e.g., electronic health records, payment processors, telehealth technology) — all of whom are bound by confidentiality and HIPAA requirements

• As required by law, such as in response to a court order or legal obligation

• If there’s a serious threat to your health or safety or the health and safety of others
  
  

4. HIPAA COMPLIANCE
Idyllium Behavioral Health complies with the Health Insurance Portability and Accountability Act (“HIPAA”) and applicable state privacy laws. Your health information is protected under HIPAA regulations.
To learn more about your rights under HIPAA, you can visit: https://www.hhs.gov/hipaa/index.html

5. DATA SECURITY
We take reasonable administrative, technical, and physical safeguards to protect your personal information. This includes:

• Encryption of sensitive data

• Secure platforms for telehealth services

• Restricted access to personal health information

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. RETENTION OF INFORMATION
We retain your personal health information as required by law and as necessary to provide you with services. When no longer needed, we securely dispose of your information in accordance with legal and ethical guidelines.

7. YOUR RIGHTS
Depending on your state and applicable law, you may have the right to:

• Access your personal health information

• Request corrections to your records

• Request restrictions on the use or disclosure of your information

• Request an accounting of disclosures

• Request electronic copies of your health records

To exercise any of these rights, please contact us.

8. THIRD-PARTY LINKS
Our website may contain links to third-party sites. We are not responsible for the privacy practices or content of external sites. We encourage you to review the privacy policies of those websites.

9. CHILDREN’S PRIVACY
Our services require parental or legal guardian consent for individuals under the age of 18.
We do not knowingly collect personal information from minors under 18 without the involvement and consent of a parent or guardian. If we become aware that we have collected personal information from a minor without appropriate consent, we will take steps to delete that information promptly.

10. UPDATES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.
Significant changes will be communicated via email or other means as appropriate.