Privacy policy

1. Scope

This policy applies to visitors to our website, individuals who contact the practice, patients receiving care, and—where separate notices apply—authorized staff using internal systems. If you are a patient, additional privacy notices (for example, a Notice of Privacy Practices under HIPAA, where applicable) may be provided at the office or with your intake paperwork and should be read together with this policy.

2. Information we may collect

Depending on how you interact with us, we may collect:

• Contact and identity — name, phone number, email, date of birth, and similar details you provide when you book, register, or communicate with us.
• Health-related information — symptoms, history, medications, test results, and other clinical information necessary to provide care and operate the practice.
• Technical data — IP address, browser type, device identifiers, and usage data when you use our website (see below).
• Staff account data — credentials, roles, and audit logs for authorized users of internal systems.

3. How we use information

We use personal information to:

• Provide medical services, coordinate care, and communicate with you about appointments and follow-up.
• Operate and secure our website, systems, and staff tools.
• Meet legal, regulatory, and professional obligations (including health recordkeeping and reporting where required).
• Improve quality of care and practice operations, consistent with law and ethics.

4. Sensitive health information

Health information is treated with heightened care. Access is limited to personnel and vendors who need it to perform their duties. We do not sell your personal health information. Where HIPAA or similar laws apply, we follow applicable requirements for use, disclosure, and patient rights.

5. Messaging and third-party services

If you communicate with us through WhatsApp or other messaging platforms, your messages may be processed by those providers under their own privacy policies and terms. Standard messaging or data rates may apply. We recommend not sharing highly sensitive information via unsecured channels unless you have been informed and consent to that method.

6. Cookies and similar technologies

Our website may use cookies or local storage for essential functionality (for example, security tokens for staff login), preferences, or analytics. You can control cookies through your browser settings; disabling some cookies may limit certain features.

7. Disclosure of information

We may share information with:

• Service providers who assist our practice (for example, hosting, IT, or billing) under appropriate agreements.
• Other healthcare providers or facilities when needed for your care or with your authorization.
• Authorities when required by law or to protect safety.

We require vendors that handle protected health information to safeguard it in line with applicable law.

8. Security

We implement administrative, technical, and physical safeguards appropriate to the nature of the data we hold. No method of transmission or storage is completely secure; we encourage you to use official channels we provide and to protect your account credentials.

9. Retention

We retain information as long as necessary to provide care, comply with law (including medical record retention rules), resolve disputes, and enforce our agreements.

10. Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or restrict certain data, or to object to some processing. Patients may also have specific rights under HIPAA or other health privacy laws. To exercise rights, contact us using the details below. We may need to verify your identity before responding.

11. Children

Our website is not directed at children to collect information online without parental involvement. Pediatric care is handled in accordance with law and clinical practice; parents or guardians may manage information on behalf of minors as appropriate.

12. International users

If you access our services from outside the country where the practice operates, your information may be processed in that country where laws may differ.

13. Changes to this policy

We may update this privacy policy from time to time. The “Last updated” date at the top will change when we do. Material changes may be communicated through our website or other appropriate means.

14. Contact

For privacy questions or requests, contact your practice administrator or the organization operating this site. Add your practice privacy officer email or phone here when you deploy.