Privacy Policy

Effective date: April 19, 2021

Psychable, Inc. and its affiliates (collectively, “Psychable,” “we,” or “us”) are committed to protecting your privacy when you access or use www.psychable.com and related websites, applications, and services owned and operated by Psychable (collectively, the “Services”) that link to this Privacy Policy (“Policy”). 

Psychable is an online community for service-seekers, practitioners, and individuals who are just learning about psychedelic-assisted therapy, which also provides information and content derived from evidence-based research, an engaged and passionate online forum, and a professional directory powered by ratings and reviews.

We are a community built on trust. An essential part of earning that trust means being clear about how we collect, use, and disclose your personal information, and how we protect your privacy. If you have questions about this policy, e-mail us at [email protected].

BY USING OR ACCESSING THE SERVICES IN ANY MANNER, YOU ACKNOWLEDGE THAT YOU ACCEPT THE PRACTICES AND POLICIES OUTLINED IN THIS PRIVACY POLICY, AND YOU HEREBY CONSENT THAT WE WILL COLLECT, USE, AND SHARE YOUR INFORMATION IN THE FOLLOWING WAYS. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, YOU MAY NOT USE THE SERVICES. IF YOU USE THE SERVICES ON BEHALF OF SOMEONE ELSE (SUCH AS YOUR CHILD) OR AN ENTITY (SUCH AS YOUR EMPLOYER), YOU REPRESENT THAT YOU ARE AUTHORIZED BY SUCH INDIVIDUAL OR ENTITY TO ACCEPT THIS PRIVACY POLICY ON SUCH INDIVIDUAL’S OR ENTITY’S BEHALF.

At all times, any use of Psychable’s Services is subject to the Agreement (as defined by in our Terms of Use, which incorporates this Privacy Policy).

For purposes of this Policy, we define certain users as follows: (i) “Healthcare Provider means a licensed medical provider, including but not limited to therapists, psychologists, doctors or agents or affiliates thereof that uses our marketing services; (ii) “Practitioner” means a non-medical practitioner, including but not limited to healers, retreat centers, or providers or agents or affiliates thereof that uses our marketing services; (iii) “Seeker” means an individual who uses our Services to seek or search for practitioners or health care providers and book appointments; and (iv) “Users” collectively refer to Healthcare Providers, Practitioners, and Seekers.

1. PHI AND HIPAA
As part of providing the Services to our Healthcare Providers, we may collect certain demographic, health and/or health-related information from Seekers that may be considered protected health information (“PHI”) under the Health Insurance Portability and Accountability Act (“HIPAA”). Specifically, information is considered PHI when (i) Psychable, acting as a “Business Associate” (as such term is defined in HIPAA) receives identifiable information about a Seeker from or on behalf of a Healthcare Provider, and (ii) such Healthcare Provider is a “Covered Entity” (as such term is defined in HIPAA). However, information that a Seeker provides to Psychable outside of the foregoing context is not PHI, such as when you (i) create an account or use our interactive tools and services, (ii) send messages to Seekers or receive messages from Users; (iii) search for Healthcare Providers or Practitioners or their available appointments; (iv) post reviews; (v) post listings, which may contain general medical information that is not associated with a particular Healthcare Provider; (vi) voluntarily provide information in free-form text boxes through the Services or through responses to surveys and questionnaires; (vii) provide device/IP information or web analytics information by browsing our websites (see below); or (viii) send us an email or otherwise contact us directly, that certain information is not PHI. HIPAA provides specific protections for the privacy and security of PHI and restricts the use and disclosure of PHI. Psychable may only use and disclose PHI as permitted by HIPAA or as authorized by the User.
2. INFORMATION WE COLLECT

We may collect personal information about you. “Personal Information” means, without limitation, your name, mailing address, email address, birthdate, social security number and contact information, medical history and current medical needs, billing information, and other personally identifiable information.

How we collect and store information depends on how you access and use the Services. We collect information in multiple ways including when you provide information directly to us, when you permit third parties to provide information to us, and when we passively collect information from you, such as information collected from your browser or device.

a. Personal Information You Provide Directly to Us

We may collect Personal Information and other information from you that you provide directly to us through your use and access of the Services, such as:

  • When you register for an account;
  • When you send messages to, or receive messages from, other Users;
  • When you subscribe for electronic communications, including but not limited to newsletters, news, or marketing and promotional materials;
  • When you search for or book an appointment;
  • When you provide medical information in connection with an appointment or a listing;
  • When you provide responses to surveys or questionnaires;
  • When you provide payment information;
  • When you submit a request to advertise;
  • When you submit a rating or review;
  • When you create an event; 
  • When you create a listing seeking or offering services; or 
  • When you otherwise communicate with us or other Users through the Services.

This list is illustrative and not exhaustive and the Privacy Policy applies to all use of the Services. The information you provide directly to us may concern you or others and may include, but is not limited to: (i) any Personal Information; (ii) demographic information (e.g., gender, age, political preference, religious affiliations, race, or ethnic origin); (iii) professional license information, if any such as professional licenses, education history, specialties, certifications, and any other credentials; (iv) social media related information; (v) information about your event, listing, or request; (vi) Personal Information you include in your communications with us or other Users through the Services; or (vii) any other information you provide, in whatever way, to us through the Services.

B.PERSONAL INFORMATION COLLECTED FROM AFFILIATES OR ADVERTISING PARTNERS​
  • Affiliates. We may collect information about you or others through affiliate third party service providers we use to analyze how you interact and engage with the Services or to help us provide you with customer support.

  • Advertising Partners. We may collect information about you or others from any of our advertising partners who assist us with marketing or promotional services related to how you interact with our Services, advertisements or communications.
C.Information That is Passively or Automatically Collected
  • Device and Usage Information. We and our third party service providers, including, without limitation, ad networks and analytics companies, such as Google Analytics, may use cookies, web beacons, and other tracking technologies to collect information about the computers or devices (including mobile devices) you use to access the Services. As noted below, we may collect and analyze information including, but not limited to (i) browser type; (ii) ISP or operating system; (iii) domain name; (iv) access time; (v) referring or exit pages; (vi) page views; (vii) IP address; (viii) unique device identifiers; and (ix) the type of device that you use. We may also track and record when and how frequently you use the Services or how you browse the Services. We use this information, including the information collected by our third-party service providers, to analyze the Services provided, to assist in determining relevant advertising, to evaluate the success of our advertising and marketing campaigns, and as otherwise described in this Privacy Policy.

  • Location Information. When you use the Services, we may collect general location information (e.g., IP address). To deliver customized content and advertising, we may share your location information with our affiliate third party service providers.

  • Cookies and Other Electronic Technologies.  We and our third party service providers may use cookies, clear GIFs, pixel tags, and other technologies (collectively, “Cookies”) to enable our servers to recognize your web browser and tell us how and when you visit and use our Services. We do this to understand user behavior, personalize preferences, perform research and analytics, prevent fraud, and improve the Services. These technologies, for example, may allow us to tailor the Services to your needs, save your password in password-protected areas, track the pages you visit, help us manage content, and compile statistics about usage. We also use certain of these technologies to customize advertisements through the Services that may interest you. We or our third party service providers also may use certain of these technologies in emails to our customers to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

    You can choose to accept or decline Cookies. Most web browsers automatically accept Cookies, but your browser may allow you to modify your browser settings to decline Cookies if you prefer. If you disable certain Cookies, you may be prevented from taking full advantage of the Services, because it may not function properly. As we adopt additional technologies, we may also gather additional information through other methods.
3. HOW WE USE THE INFORMATION COLLECTED

We may use your information for any of the following commercial or business purposes:

  • For the purposes for which you provided it;
  • To enable you to use the Services, including registering you for an account and verifying your identity and authority to use our Services;
  • For customer support and to respond to your inquiries;
  • For internal record-keeping purposes;
  • To administer surveys or questionnaires;
  • To track fees and process billing and payment, including sharing with third party payment gateways and payment service providers in connection with the Services;
  • To improve and maintain the Services, including testing, research, internal analytics, and product development;
  • To address fraud or safety concerns, or to investigate complaints or suspected wrongdoing;
  • To periodically send promotional emails regarding new products from Psychable, special offers from Psychable, or other advertising or marketing information that may interest you;
  • For Psychable’s market research purposes, including, but not limited to, the customization of the Services according to your interests;
  • For other research and analytical purposes, including by using aggregated and anonymous information collected through the Services;
  • To fulfill our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities; and
  • To protect your  rights, property or safety, or that of Psychable or another party, and to enforce any legal terms that govern your use of the Services.

We may, either directly or through third parties we engage to provide services to us, review, scan, or analyze your communications with other users exchanged through the Services or as otherwise described in this Privacy Policy for the prevention of illegal, fraudulent, malicious or deceptive activity, risk assessment, regulatory compliance, investigation, product development, research and customer support purposes. For example, as part of our illegal activity prevention efforts, we may scan and analyze messages to prevent illegal or improper actions. We may also scan, review or analyze messages for research and product development purposes, as well as to debug, improve and expand product offerings.

4. WHEN WE DISCLOSE YOUR INFORMATION

Unless otherwise described in this Privacy Policy, we may also share the information that we have collected from you through the Services for the following purposes:

  • Service Providers. We may provide access to your information to certain third parties who perform services on our behalf. These third parties provide a variety of services to us including without limitation billing, sales, marketing, advertising, market research, data storage, analysis and processing, identity verification, fraud and safety protection, legal services and other functions. We share information from or about you with these third party providers so that they can perform their services or complete your requests. As we retain new service providers, we generally seek contractual assurances from these service providers that they will not use your information in any manner other than to help us provide you with the Services.

  • Protection of Psychable and Others. We may disclose your information to whomever necessary when we believe it appropriate to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Terms of Use or any other legal terms governing use of the Services, and/or to protect our rights and property and the rights and property of Users.

  • Practitioner or Healthcare Provider. We may disclose Seeker Personal Information with the Practitioner or Healthcare Provider with whom the Seeker chooses to schedule an appointment through the Services. 

  • Aggregate or Anonymous Information. We may disclose information of Users in the aggregate to third parties, such as businesses that are listed on Psychable. For example, we may disclose the number of Seekers that have been exposed to or interacted with advertisements, or that we believe visited the physical location of a particular business. 

  • Business Transfers. As we continue to develop our business, we may sell, buy, merge or partner with other companies or businesses, or sell some or all of our assets. In such contemplated or actual transactions or where there is any change of control of Psychable, information of Users may be among the shared and/or transferred assets.

  • Legal Requirements. We may disclose your information when required by applicable law or when we believe in good faith that such disclosure is necessary to: (a) comply with legal or law enforcement processes, such as a search warrant, subpoena, statute, judicial proceeding or other legal process or law enforcement request; (b) is helpful to prevent, investigate, or identify possible wrongdoing in connection with the Services; or (c) protects our rights, reputation, property, or that of our users, affiliates, or the public. If you flag or otherwise complain to us about content through the Services, we may share the substance of your complaint with the contributor of that content in order to provide an opportunity for the contributor to respond.

  • Third Party Integration. If you sign up for, or log into, Psychable using a third party service like Facebook or Google, or link your Psychable account to your account with a third party service like Facebook or Google, we may receive information about you from such third party service. If you post content to a third party service through the Services, that third party service will also receive that content, which will be visible to anyone that has access to it through that third party service. Some of our web pages utilize framing techniques to serve content to you from our third party partners, while preserving the look and feel of the Services. In such cases, please note that the information you provide may be transmitted directly to the identified third party service partner. If you interact with businesses through Psychable, they will receive whatever information you choose to share with them, for example contact information you share through direct messages to the business or your phone number if you call the business.
5. HOW DATA SECURITY

Psychable leverages leading cloud hosting and security providers to enable enterprise-level security to protect the Personal Information submitted to us through the Services, both during transmission and after we receive it. For example, the Services use (i) Secure Sockets Layer (SSL) technology to allow for the encryption of Personal Information; (ii) industry leading managed web application firewall to prevent hostile attacks; and (iii) advanced distributed denial of service (DDoS) mitigation to protect against security vulnerabilities and DDoS attacks.  

 

However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use leading security technology to protect your Personal Information, we cannot guarantee its absolute security, and except as expressly required by law, we are not responsible for the theft, destruction, loss or inadvertent disclosure of your Personal Information, other information or content.

6. UPDATING, DELETING, AND CORRECTING YOUR INFORMATION

You may review, correct, and delete certain information about you by logging into the Services and navigating to your account portal. You should update your account information if it changes or is inaccurate. You can close your account at any time through the account portal or the help center. Upon closing your account, we will remove certain public posts from view and/or dissociate them from your account profile, but we may retain information about you for the purposes authorized under this Privacy Policy unless prohibited by law. For example, we may retain information to prevent, investigate, or identify possible wrongdoing in connection with the Services, collect any fees owed, enforce our Terms of Use, comply with legal obligations, and/or for any other purpose otherwise permitted by law that we deem necessary in our sole discretion. We may also maintain ratings and reviews of a Practitioner or Healthcare Provider, and residual copies of your Personal Information in our backup systems. Please note that Practitioners and Healthcare Providers cannot remove their business pages, ratings, or reviews by closing their accounts.

7. EXTERNAL LINKS

The Services may contain links to other websites or resources over which Psychable does not have any control. Such links do not constitute a recommendation or endorsement by Psychable of those external websites nor does Psychable share your information with them, except as set forth herein. You acknowledge that Psychable is providing these links to you only as a convenience, and further agree that Psychable is not responsible for the content of such external websites or the protection and privacy of information you provide while visiting such external websites.

8. CHOICE TO OPT-OUT

We may send periodic marketing and promotional emails to you. You may opt out of such emails by following the opt-out instructions contained in the emails, such as unsubscribing. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt out of receiving emails about recommendations or other information we think may interest you, we may still send you emails about your account or any services you have requested or received from us. Users may also request to have a listing be removed from the Services by contacting us at [email protected] or through the help center. Please note that it may take up to 10 business days for us to process such listing removal requests.

9. CHILDREN

The Services are intended for a general audience and are not directed to children under 13. We do not knowingly collect Personal Information from children under 13. If you become aware that a child has provided us with Personal Information without parental consent, please contact us at [email protected] If we become aware that a child under 13 has provided us with Personal Information without parental consent, we take steps to remove such information and terminate the child’s account.

10. CONTACT

You may contact us about our Privacy Policy at [email protected].

For security purposes, we will take such steps as we deem necessary to confirm your identity before completing your request or sharing any Personal Information with you.

11. CHANGES TO THIS PRIVACY POLICY

This Policy is current as of the effective date set forth above. Psychable, in its sole and absolute discretion, may change this Policy at any time. We will post an updated Policy on the Services, notify you by email or otherwise through the Services prior to or on the effective date of the changes. By continuing to access or use the Services after those changes become effective, you acknowledge the updated Policy and agree to the updated terms of the then-current Policy.

12. CALIFORNIA PRIVACY RIGHTS

Under the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights around Psychable’s collection, use, and sharing of their Personal Information. The CCPA does not apply to all for-profit businesses and these rights are subject to certain exceptions. 

Psychable does not sell your Personal Information and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. Similarly, we do not offer financial incentives associated with our collection, use, or disclosure of your Personal Information. Psychable may share certain Personal Information with third parties as described in the section “When We Disclosure Your Information.” To opt out of such sharing, you may email us at [email protected] 

Psycable collects various types of Personal Information when you use the Services, including personal identifiers, business information, Internet or other electronic network or device activity information, geo-location data, and professional information. We provide above information about what information Psychable collects, how we use it, when we  share such information, and with whom we share such information.

As a resident of California, you have the right to request to know what Personal Information has been collected about you, and to access that information. You also have the right to request deletion of your Personal Information, though exceptions under the CCPA may allow Psychable to retain and use certain Personal Information notwithstanding your deletion request. You may send your data rights request by email to [email protected] We will not discriminate against you for exercising your rights under the CCPA. An agent may submit a request on your behalf, but you must verify that your agent is authorized to do so.

Additionally, California’s Shine the Light law gives California residents the right to ask for a list of third parties that have received your information for direct marketing purposes during the previous calendar year. If we have shared your information, this list will contain the types of information shared and we will provide this list at no cost. To make such a request, contact us at [email protected]

13. NEVADA PRIVACY RIGHTS

Nevada Privacy Law (SB 220) requires website operators to provide a way for Nevada consumers to opt out of the sale of certain Personal Information that the website operator may collect about them. Psychable does not sell your Personal Information to third parties as defined in Nevada law, and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. If you have any questions regarding our data privacy practices or our compliance with Nevada Privacy Law, please contact us at [email protected].

14. EUROPE GENERAL DATA PROTECTION REGULATION

If you are from the European Economic Area (“EEA”), Psychable may collect and process your Personal Information as described in this Policy in the following contexts: (i) we need to perform a contract with you; (ii) you have given us permission to do so; (iii) the processing of your information is in our legitimate interest and is not overridden by your rights; (iv) for payment processing purposes; or (v) to comply with the law. 

Where the European Union’s General Data Protection Regulation (“GDPR”) applies to you, you have the right to (i) access your Personal Information; (ii) request that we correct, update or delete your Personal Information; (iii) object to our processing of your Personal Information; (iv) restrict the processing of your Personal Information; (v) be provided with a copy of your Personal Information in a structured, common and machine-readable format; and (vi) withdraw  your consent at any time where Psychable relied on your consent to process your Personal Information. Please see Section 8 for other means to opt-out of our data collection and processing practices. 

Prior to responding to any requests to exercise your rights under GDPR, we require you to verify your identity with us. To exercise any of your rights under GDPR, please contact us at [email protected]. You acknowledge that for each of the foregoing rights we may have valid legal reasons to refuse your request and, in such instances, we will let you know if that is the case. 

For European residents, please note that the Personal Information we obtain from or about you may be transferred, processed, and stored outside of the EEA or Switzerland for the purposes described in this Policy, including in the United States of America. We take the privacy of our users seriously and therefore take steps to safeguard your information, including ensuring an adequate level of data protection in accordance with E.U. standards in effect as of the date of this Policy. We have implemented similar appropriate safeguards with our third party service providers and partners and further details can be provided upon request.