CouplesTherapyInc.com collects information from Users at a number of different points on our website.
(A) When a User sends an email through the CouplesTherapyInc.com website, the User’s name, phone number, email address, and message is recorded as part of the transmission process.
This information is kept confidential and is made available only to (1) trained CouplesTherapyInc.com support team members for purposes of administering CouplesTherapyInc.com, such as moderating for spam or other content that is in violation of CouplesTherapyInc.com terms of service, (2) the therapist(s) Member(s) to whom the User sends the email. CouplesTherapyInc.com never rents, sells, or gives this information to any other third party.
When a User emails a therapist or team member through the CouplesTherapyInc.com email messaging system, the User is automatically emailed a notification when the therapist has been contacted. Additionally, when a User emails a therapist through the CouplesTherapyInc.com email messaging system, they may be automatically subscribed to our monthly email newsletter. Users may unsubscribe from this email newsletter by either not responding to the opt-in sent to you, or by clicking the prominent "unsubscribe" sent in each email newsletter. These are sent for educational purposes to those who want to continue to receive them.
(B) When a User calls a therapist or team member through the telephone number posted on the CouplesTherapyInc.com website, standard caller identification information is collected and forwarded to the Member, and may be stored by CouplesTherapyInc.com for use in administering its services. CouplesTherapyInc.com never rents, sells, or gives this information to any third party.
(C) CouplesTherapyInc.com collects User email addresses when Users subscribe to the blog or newletter. This email address is used to send such Users blog post or blog comment summaries and Users can unsubscribe anytime using unsubscribe option(s) found in the email and/or on the site. CouplesTherapyInc.com never rents, sells, or gives this information to any other third party.
(D) CouplesTherapyInc.com collects information entered by Users when they register (or try to register) for a public web conference or public non-professional membership. This information (including but not limited to name, username, email address, password, etc.) is kept private in a database and may be used by our internal departments if needed (such as debugging errors or analyzing outcome of marketing campaigns) as required. CouplesTherapyInc.com never rents, sells, or gives this information to any other third party.
(E) CouplesTherapyInc.com does not store credit card information on our servers. All credit card transactions are processed through Paypal.
CouplesTherapyInc.com uses Google Analytics Advertising Features. This includes, but is not limited to, user-directed marketing, geographic-directed marketing, remarketing with Google Analytics, Google Display Network Impression Reporting, DoubleClick Platform Integrations, and Google Analytics Demographics and Interest Reporting.
You can opt out of Google Analytics Advertising Features here: https://tools.google.com/dlpage/gaoptout/
No personally-identifiable information collected by CouplesTherapyInc.com will be merged with non-personally identifiable information collected through any Google advertising product or feature.
(G) CouplesTherapyInc.com may use other web analytics services and/or software to collect information about users’ browsing activities. This information is used to analyze the performance of the website and associated marketing campaigns. Some of the services/software like Google Analytics may store this information on their own servers.
(H) CouplesTherapyInc.com may use AdWords, Facebook, or other third party remarketing, sometimes called retargeting, to market our website(s) across the Internet. Google, Facebook, or other third party sites place a cookie on a browser. Google, Facebook, or third party sites read cookies and may present a CouplesTherapyInc.com ad on a third party site. You may opt out of Google’s remarketing here: https://tools.google.com/dlpage/gaoptout/. You may opt out of Facebook's remarketing here: https://www.facebook.com/ads/website_custom_audiences/
CouplesTherapyInc.com does not sell or otherwise provide personally identifiable information collected through its website and services to third parties, except as specifically authorized by the User or team member, such as a team member profile, blog post, User email to a team member, or other authorized disclosures of information. CouplesTherapyInc.com may disclose personally identifiable information about Users or team members, if such disclosure is (a) required by subpoena, law, or other legal process; (b) necessary to assist law enforcement officials or government enforcement agencies; (c) necessary to investigate violations of or otherwise enforce our Terms of Service for Members or Terms of Service and Use; (d) necessary to protect us from legal action or claims from third parties including you and/or other Users or Members; and/or (e) necessary to protect the legal rights, personal/real property, or personal safety of CouplesTherapyInc.com, our Users, team members, employees, and affiliates. Additionally, CouplesTherapyInc.com reserves the right to disclose personally identifiable information about a User or team member if CouplesTherapyInc.com reasonably believes that using or disclosing such information may prevent physical harm to one or more individuals or public safety
Log Files Like most standard website servers, CouplesTherapyInc.com uses log files. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the site, track users’ movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses etc. are not linked to personally identifiable information contained in user profiles.
Payment Sources You will have to provide a payment source (i.e. credit card) to receive the services of CouplesTherapyInc.com. You understand that we use Paypal to process your payment source for providing our website and/or services to you. You understand and agree that we cannot control nor can we be liable for the acts of Paypal. If you see what you believe to be fraudulent transactions regarding payments to our website, please contact us immediately. We will work with you, Paypal, and authorities as best we can to help resolve such issues.
Our Email Policy CouplesTherapyInc.com and our affiliates fully comply with the CAN-SPAM Act as enacted in the United States. You can always opt out of receipt of further email correspondence from CouplesTherapyInc.com and/or our affiliates. We agree that we will not sell, rent, or trade your email address to any unaffiliated third-party.
Our Security Policy CouplesTherapyInc.com uses reasonable safeguards to protect personally identifiable information about Users and team members. Only CouplesTherapyInc.com administrators or employees who need the information to perform a specific job (for example, our billing clerk or a customer service representative) are granted access to such personally identifiable information. All employees are trained and kept up-to-date on our security and privacy practices. Any time new policies are added, our employees are trained in the policies.
Couples Therapy Inc welcomes the increased global focus on data protection and sees recent legislative efforts as a welcome step forward in streamlining global data protection requirements. This focus on data protection creates an opportunity for Couples Therapy Inc to deepen our existing commitment to data protection and reinforce it further across our growing global enterprise.
Couples Therapy Inc adopted this General Data Protection Program to increase transparency around Couples Therapy Inc’s data protection commitment and in support of our corporate-wide privacy by design and default initiative.
This General Data Protection Program documents the ways in which Couples Therapy Inc supports the protection of personal data throughout our organization, ultimately making Couples Therapy Inc’s data protection policies and practices more accessible to all stakeholders.
Couples Therapy Inc’s General Data Protection Program endeavors to:
OUR COMMITMENT TO DATA PROTECTION
As a services provider, the security of all data we are entrusted with is our highest priority. Along with security, it is important that a customer’s confidence is always maintained and a high level of security around processes and protection is strongly demonstrated. At Couples Therapy Inc, we strongly value and base our business on the trust that our customers have placed upon us. We are committed to taking advanced measures to support and continuously enhance the security of our systems and to ensure that the personal data we collect is always safe.
Commonly used terms in this Program are defined below:
consent - freely given, specific, informed and explicit consent by statement or action signifying agreement to the processing of their personal data. This needs to be trackable.
data controller - the entity that determines the purposes, conditions and means of the processing of personal data. For example, CTI acts as the data controller for our employees personal data. A Customer is Data Controller for the data they upload to our products.
data erasure - also known as the “Right to be Forgotten”, it entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties cease processing of the data.
data portability - the requirement for controllers to provide the data subject with a copy of his or her data in a format that allows for easy use with another controller.
data processor - the entity that processes data on behalf of the Data Controller. CTI acts as Data Processor to our customers, who are Data Controllers.
data protection authority - EU national authorities tasked with the protection of data and privacy as well as monitoring and enforcement of the data protection regulations within the EU.
Data Protection Officer - an expert on data privacy who works independently to ensure that an entity is adhering to the policies and procedures set forth in the GDPR. Donald Solomon, Esq. is Couples Therapy Inc’s DPO.
data subject - a natural person whose personal data is processed by a controller or processor.
encrypted data - personal data that is protected through technological measures to ensure that the data is only accessible/readable by those with specified access.
enterprise - any entity engaged in economic activity, regardless of legal form, including persons, partnerships, associations, etc.
personal data - any information related to a natural person or ‘Data Subject’ that can be used to directly or indirectly identify the person.
personal data breach - a breach of security leading to the accidental or unlawful access to, destruction, misuse, etc. of personal data.
privacy by design and default - a principle that calls for the inclusion of data protection from the onset of the designing of systems and products, rather than an afterthought.
processing - any operation performed on personal data, whether or not by automated means, including collection, storing, use, recording, etc.
recipient - entity to which the personal data are disclosed.
right to be forgotten - see data erasure above.
right to access - also known as “Subject Access Right”, it entitles the data subject to have access to and information about the personal data that a controller has concerning them.
IV. FAIR & TRANSPARENT DATA PROCESSING
Couples Therapy Inc is committed to fair and transparent processing of personal data. We make people aware of the data we are collecting, the purposes for data collection, the risks involved with collection and processing their data, and the rights related to their data, including how to exercise those rights. To further this commitment, Couples Therapy Inc has established policies and procedures related to our use of personal data to ensure we: lawfully collect and process data, adequately protect data transfers to third parties or transfers across borders and maintains data confidentiality.
2. GDPR Data Collection and Processing Notice (aka Data Use Notice)
The Couples Therapy Inc Data Collection and Processing Notice provides EU data subjects with a GDPR-focused, plain-language description of Couples Therapy Inc’s data collection, processing and protection practices in a clear and concise fashion. This notice advises data subjects of their rights under GDPR and specifically notifies subjects of their right to withdraw consent to data collected and processed at any time. For more information, the Couples Therapy Inc Data Use Notice is available for review publicly at https://couplestherapyinc.com/privacy%20policy/
Responding to Subject Access Requests from Customers
As data controllers, Couples Therapy Inc’s customers may be asked to respond to access requests from their employees and end users, the data subjects. Couples Therapy Inc, as their trusted data processor, is committed to supporting our customers in responding to these requests in a timely manner, consistent with GDPR requirements. As such, Couples Therapy Inc has established a Customer Subject Access Request Process to standardize our response process and ensure we are ready to respond to any customer data requests that may arise.
Responding to Subject Access Requests from Employees
When acting as a data controller, Couples Therapy Inc may be asked to respond to access requests from data subjects such as our internal employees or independent contractors. Couples Therapy Inc is committed to responding to these data subject requests in a timely manner, consistent with GDPR requirements. As such, Couples Therapy Inc has established an Employee Subject Access Request Process to standardize our response process and ensure we are ready to respond to any employee-related data requests that may arise.
Responding to Subject Access Requests from Marketing Data Subjects
Couples Therapy Inc may also be asked to respond to access requests from data subjects whose data was collected from our website or by participating in other marketing endeavors. Couples Therapy Inc is committed to responding to these data subject requests in a timely manner, consistent with the GDPR. As such, Couples Therapy Inc has established a Marketing Subject Access Request Process to standardize our response process and ensure we are ready to respond to any marketing-related data requests that may arise.
VI. PRIVACY BY DESIGN & DEFAULT
Couples Therapy Inc has openly embraced the concept and principles of privacy by design and default, increasing our focus on data protection throughout our entire organization. As such, Couples Therapy Inc adopted internal policies and implemented specific measures to support our privacy by design and default initiative. Couples Therapy Inc established policies and procedures increasing transparency around what data we collect, identifying the processing purpose, and examining the related impacts that processing has on data privacy. We further strengthened our commitment to privacy by design and default by instituting process around incorporating the data protection principles into our earliest product development stages, ensuring privacy is considered as part of every new product launch, and creating employee training highlighting these data protection measures.
Applies to all COUPLES THERAPY INC (CTI) workforce including: employees, staff and other health care professionals; volunteers; agency, temporary and registry personnel; and trainees, students, and interns (regardless of whether they are CTI trainees or rotating through CTI facilities from another institution).
It is the responsibility of all CTI workforce members, as defined above, including employees, medical staff, house staff, students and volunteers, to preserve and protect confidential patient, employee and business information.
To ensure that all Couples Therapy Inc employees are empowered with an understanding of our commitment to privacy by design and default, we established employee training allowing us to disseminate a consistent privacy by design and default message to all employees.
Incident Management Policies
The Couples Therapy Inc Information Security Incident Management Procedure sets forth a formal process within Couples Therapy Inc to ensure quick and effective management of security incidents, including those that amount to a personal data breach. The Procedure assigns responsibility for identifying, reporting and reacting to security incidents and outlines the swift steps to be taken when security incidents are discovered and establish organizational requirements, including roles and responsibilities for incident processing and reporting. It also establishes a mechanism to monitor and learn from such incidents.
VII. DATA PROTECTION GOVERNANCE
Data Protection Committee
Protecting data is a responsibility shared by all departments and employees throughout our global company. To ensure that the importance of data protection is understood and reinforced throughout our organization we’ve created a Data Protection Committee comprised of representatives from each department. The Data Protection Committee collectively makes decisions surrounding internal data protection efforts, ultimately helping to ensure a consistent approach to data protection within our organization as we continue to implement further data protection measures. The Data Protection Committee is focused on compliance with not just the EU’s GDPR, but all similar privacy laws throughout the countries in which we conduct business.
Members & Responsibilities
The Data Protection Committee is headed by the Couples Therapy Inc Data Protection Officer (DPO) and includes representatives from each major department within Couples Therapy Inc. The Committee is comprised of our DPO, a US GDPR Lead, an EU GDPR Lead and representatives from Resources, Marketing, Product Development team. The Committee meets no less than once annually to review existing data protection policies & procedures for updating. The Committee will also meet on an ad-hoc basis as needed to address data privacy concerns as they arise. These concerns may arise in connection to existing products/processes, introduction of new products/solutions to our customer base, or due to our own internal use affecting data privacy rights.
Last Update: 05/18/2018