Privacy Policy

Introduction

True2U Counseling ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our counselling services.

Relationship to Practice Documents

If you are a client of True2U Counseling, you may have signed additional privacy-related documents such as a HIPAA Notice of Privacy Practices or Informed Consent. In the event of any conflict between this Privacy Policy and your signed documents, the terms of your signed documents shall govern with respect to the therapeutic relationship and protected health information.

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us when you:

• Fill out contact forms
• Book appointments
• Subscribe to our newsletter
• Communicate with us via email or chat

This information may include:

• Name
• Email address
• Phone number
• Mental health concerns and symptoms
• Personal history and therapeutic background information
• Session notes and treatment progress records
• Crisis assessment information
• Family/relationship details shared during therapy
• Any other information you choose to provide

Automatically Collected Information

When you visit our website, we may automatically collect certain information, including:

• IP address
• Browser type and version
• Operating system
• Referring URLs
• Pages visited and time spent on pages
• Device information

How We Use Your Information

We use the information we collect for the following purposes:

• To provide therapeutic services and treatment planning
• To maintain clinical records in accordance with professional standards
• To assess risk and ensure client safety
• To coordinate care with other healthcare providers (with your consent)
• To respond to your inquiries and requests
• To schedule and manage appointments
• To send you marketing communications (with your consent)
• To improve our website and services
• To analyze usage patterns and optimize user experience
• To detect and prevent fraud or abuse
• To comply with legal obligations

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. You can control cookie preferences through our cookie consent dialog.

Third-Party Cookies

Our website uses third-party services that set their own cookies. We do not have direct control over these cookies or their lifespan. These services include:

• hCaptcha: Sets cookies for spam prevention and bot detection. See the hCaptcha Privacy Policy for details on their cookies.
• Google Analytics: Sets cookies to collect usage statistics and analytics data. See Google's Cookie Policy for details.
• Microsoft Clarity: Sets cookies to analyze user behavior and session recordings. See the Microsoft Privacy Statement for details.

Analytics and Consent

We use Google Analytics and Microsoft Clarity to understand how visitors use our site. These services may collect information such as your IP address, browser type, pages visited, and time spent on pages. Analytics cookies are only activated with your explicit consent through our cookie consent dialog.

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: We use third-party service providers who perform services on our behalf, including:
  • hCaptcha: For form protection and spam prevention (see hCaptcha Privacy Policy)
  • Google Analytics: For website analytics and usage tracking (see Google Privacy Policy)
  • Microsoft Clarity: For website analytics and user behavior insights (see Microsoft Privacy Statement)
  • Hosting providers and email delivery services
• Legal Requirements: We may disclose information if required by law or in response to valid legal requests.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
• With Your Consent: We may share information with third parties when you have given us explicit consent to do so.

Important: These third-party services have their own privacy policies and data practices. We rely on these providers to handle your data responsibly and in compliance with applicable privacy laws.

Mental Health Information Privacy and Confidentiality

Therapist-Client Privilege

Confidentiality is a cornerstone of the therapeutic relationship. All information shared during therapy sessions is kept strictly confidential in accordance with professional ethical standards and applicable privacy laws.

What We Keep Confidential

• Session content and therapeutic discussions
• Clinical notes and treatment plans
• Assessment results and diagnostic information
• Personal disclosures made during therapy

Mandatory Disclosure Exceptions

Despite our commitment to confidentiality, we are legally and ethically required to break confidentiality in specific circumstances:

• Imminent Risk of Harm: If you pose a serious threat of harm to yourself or others, we must take steps to protect safety, which may include notifying emergency services and/or potential victims
• Child/Elder/Dependent Adult Abuse: Suspected abuse or neglect of minors, elderly persons, or dependent adults must be reported to appropriate authorities
• Court Orders/Subpoenas: Legally mandated disclosures in response to valid court orders
• Insurance/Billing: Limited information may be shared with insurance providers for payment processing (if applicable)
• Professional Consultation: De-identified case discussions with clinical supervisors or colleagues for quality assurance and professional development

Session Recordings Policy

We do not record therapy sessions unless explicitly agreed upon in advance for supervision or quality assurance purposes. If recordings are made, you will be informed of the purpose of the recording, how long it will be retained, who has access to it, and your right to decline recording.

Clinical Records Retention

Clinical records are maintained for a minimum of 7 years after the last session date, in accordance with professional standards and regulatory requirements. Records are stored securely using encrypted systems with access limited to authorized personnel only.

After the retention period, records are securely destroyed using methods that prevent reconstruction of personal information.

Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Data Breach Notification

In the event of a data breach that affects your personal information, we will notify affected users as soon as reasonably possible and in accordance with applicable laws. Notifications will be sent via email to the address associated with your account or inquiry. We will also take immediate steps to investigate the breach, mitigate any harm, and prevent future incidents.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Clinical Records: Clinical records are maintained for a minimum of 7 years after the last session date, in accordance with professional standards and regulatory requirements. Even if you request deletion of your marketing data, clinical records must be retained for legal and ethical reasons.

When we no longer need your non-clinical information, we will securely delete or anonymize it. Clinical records are securely destroyed after the required retention period.

Emergency Situations and Crisis Protocols

Important: Our therapists are not available 24/7 for crisis intervention.

If you are experiencing a mental health crisis or emergency:

• Immediate danger: Call 911 or go to your nearest emergency room
• Crisis support:
  • National Suicide Prevention Lifeline: 988
  • Crisis Text Line: Text HOME to 741741
  • Local crisis services: Contact your local crisis center

Information shared during a crisis situation may be disclosed to emergency services to ensure your safety, in accordance with our duty to protect and legal obligations outlined in this policy.

Your Rights

Depending on your location, you may have certain rights regarding your personal information, including:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Objection: Object to the processing of your personal information
• Portability: Request transfer of your information to another service
• Withdraw Consent: Withdraw consent for processing where consent was given

To exercise these rights, please contact us using the information provided below.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including but not limited to the United States and other jurisdictions where our third-party service providers operate.

Important Notice: The third-party services we use (Google Analytics, Microsoft Clarity, hCaptcha, and hosting providers) may transfer and process your data in various countries worldwide. These service providers do not always disclose the specific locations where data is stored or processed. We rely on these providers' compliance with applicable data protection frameworks, including:

• EU-U.S. Data Privacy Framework
• Standard Contractual Clauses (SCCs)
• Other recognized adequacy mechanisms

These countries may have data protection laws that differ from those in your jurisdiction. While we cannot control where these third-party services store data, we choose providers that maintain strong security practices and comply with applicable privacy regulations.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). Our lawful basis for processing personal information includes consent, contractual necessity, legal obligation, and legitimate interests. You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to say no to the sale of personal information
• Right to access your personal information
• Right to delete your personal information
• Right to non-discrimination for exercising your rights

We do not sell personal information to third parties.