Privacy Policy

This Privacy Policy describes what information of yours (“user”, “viewer”) will be collected by Halcyon Crest, LLC (“company”, “we”, or “us”) when you interact with https://www.halcyconcrestllc.com (“website”), how the information will be used, and how you can control the collection, correction, and/or deletion of information. We will not use or share your information with anyone except as described in this Privacy Policy. This Privacy Policy does not apply to information we collect by other means through our professional services and is not the same as privacy policies for health information.

Please read this Privacy Policy carefully. In the event of a change to this Privacy Policy, we will inform users with a notice on our website.

Definitions:

Personally Identifiable Information (PII) – PII, as described by U.S. privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.

Sensitive Data – Sensitive Data refers to details about users’ religious beliefs, political opinions, race or ethnicity, sexual orientation, genetic or biometric data, health information, or information about trade union memberships.

Data Controller – Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which, and the manner in which any personal information is to be processed.

Data Processors (or Service Providers) – Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.

Data Subject (User) – Data Subject (User) is any living individual who is using our Service and is the subject of Personal Data.

Information We May Collect:

At the present time we do not ask users to enter their personal identifiable information (PII), such as name, email address, or other details, directly into any forms on our website. We also do not collect any sensitive data about users on our website.

We do utilize a third-party electronic health record (EHR) data management system, used by healthcare providers and organizations, which collects, stores, and manages personal information. The third-party EHR system we use is a HIPAA compliant and HITRUST certified EHR and secure client portal. A link to the third-party client portal is accessed on our website and users can voluntarily choose to enter their name, email, and phone number into the third-party’s HIPAA compliant and HITRUST certified client portal to schedule appointments with us. We use user’s PII collected from the third-party to contact the user for appointment scheduling purposes, which the user voluntarily elects to by filling out the contact information form of the third-party’s client portal. The third-party has their own separate and independent privacy policies. Additional information about the third-party’s security protocols and privacy policy can be found on the third-party’s website and via link found at the bottom of the third-party’s client portal page. If the user voluntarily chooses to participate in contractual services offered by us, additional personal data, including, but not limited to, billing and payment information, name, address, and health-related information, will be entered, stored, and managed in the HIPAA compliant and HITRUST certified third-party EHR system.

What We Do With Information We Collect

Contact You: 1) Consent – We may contact you if you give us affirmative consent to contact you. 2) Contract – We will contact you under our contractual obligation to deliver the services you purchase from us. 3) Legitimate Interest – We may contact you if we feel you have a legitimate interest in communication with us. For example, if you voluntarily provide your name, email, phone number in the third-party’s HIPAA compliant and HITRUST certified client portal in order to schedule an appointment with us.

Process Payments: We will use the PII you provide to us in order to process you payment for contractual services with us. Your PII is not directly collected through our website, but through a third-party that provides a HIPAA compliant and HITRUST certified client portal. A third-party HIPAA compliant payment processor will also be used for processing payments.

Anonymous Data Collection and Use

We may use website data analytic tools via Wix and Google Analytics to collect your IP address to help identify which areas of our website are most heavily used and to display content relevant to you. This website traffic data (IP address, browser, duration on our website, pages viewed, frequency of visits to our website) is helpful in improving our services and website content.

We may use the standard “cookies” feature of web browsers. Cookies may help you access our website faster and enhance site navigation. Cookies may also provide information about how you browse our website. Cookies do not collect personal information about you. We do not set any personally identifiable information (PII) in cookies. Users may choose to disable the cookies function through their own web browser’s settings. However, it is possible that disabling cookies may diminish the user’s experience with our website and it is possible that some of our website’s features may not function properly.

Compliance with California Online Privacy Protection Act

Our Privacy Policy is accessible by a link found at the bottom of each page on our website. The Privacy Policy link includes the word ‘Privacy’ and can be easily noticed at the bottom of each page. Users will be notified of any Privacy Policy changes on our Privacy Policy webpage. Users can request changes to their personal information by contacting us.

Compliance with Children Online Privacy Protection Act

We do not target any marketing or personal information collection to anyone under the age of 18. Our services, website, and its contents are directed to persons who are 18 years old or older.

Viewing By Others

Whenever users voluntarily make their PII available for viewing by others online through this website or the third-parties used by us, it may be seen, collected and used by others, and therefore we cannot be responsible for any unauthorized or improper use of the information that you voluntarily disclose.

 

Anti-Spam Policy

In compliance with the CAN-SPAM Act, we do not send spam, or misleading information. We do not send commercial marketing email messages. The email address the user voluntarily provides us is for appointment scheduling purposes and contractual user access to a secure HIPAA compliant and HITRUST certified third-party client portal. Users gain access to this secure portal by a link that is sent to their email that the user voluntarily provided. We will not sell, rent, or share the user’s email address.

Security

We take reasonable steps to protect PII you provide to us from misuse, disclosure, or unauthorized access. We use trusted HIPAA compliant and HITRUST certified third-parties who adopt high level security protocols in the collection, storage, and management of your PII. However, we cannot guarantee that your PII will always be secure due to technology or security breaches, or access by unauthorized users. Should there be a data breach of which we are aware, we will inform you immediately.

Confidentiality

We take reasonable steps to keep the PII you provide use confidential. Please be aware that we may disclose such information if required to do so by law or in good-faith belief that: 1) such action is necessary to protect and defend our rights or property or those of our users of licensee; 2) to act as immediately necessary in order to protect the personal safety or rights of our users or the pubic; or 3) to investigate or respond to any real or perceived violation of this Privacy Policy or any other terms of use or agreement with us.

Data Retention

We retain your PII for the minimum amount of time required to provide you with the information and/or services that you requested from us. We may include certain PII from longer periods of time if required for legal, contractual, and/or accounting obligations.

Third Party Websites

We use links to other third-parties on our website. We have no responsibility or liability for the content and activities of any other individual, company, or entity whose website or materials may be linked to our website or its content, and thus we cannot be held liable for the privacy of the information on their website or that you voluntarily share with the third-party’s website. Please review the third-party’s privacy policies for guidelines as to how they respectively store, use, and protect the privacy of your Personal Data.

Notification of Changes

We may use your PII to inform you of changes to the Website or its content, or, if requested, to send you additional information about us. We reserve the right to change, modify, or alter our website, its contents, and this Privacy Policy at any time. Changes to our Privacy Policy shall become effective immediately upon posting our updated Privacy Policy. Please review our Privacy Policy periodically. Continued use of any information obtained through or on our website or its content following the posting of any changes constitute acceptance of the revised Privacy Policy.

How You Can Access, Update, or Delete Your PII

You have the right to:

1.      Request information about how your PII is being used and request a copy of what PII we use.

2.      Restrict processing if you think the PII is not accurate, unlawful, or no longer needed.

3.      Rectify or erase PII and receive confirmation of the rectification or erasure.

4.      Withdraw your consent at any time to the processing of your PII.

5.      Lodge a complaint with a supervisory authority if you feel we are using your PII unlawfully.

6.      Receive PII portability and transference to another controller without our hinderance.

7.      Object to our use of your PII.

8.      Not be subject to an automate decision based solely on automatic processing, including profiling.

 

For the purpose of this Privacy Policy, we are a Data Controller of your PII. If you have any questions about this Privacy Policy, if you would like to change your personal information, of if you want to change your consent, please contact us at (904) 686-6856.

This policy went into effect: February 2021

Updated: September 2021