Privacy Policy

Introduction

Mentally STRONG values your privacy and safeguards all information you share with us. This notice explains how we collect, use, and protect personal data and protected health information (PHI) when you visit our website, book services, or communicate with our team.

Key Definitions

  • PHI (Protected Health Information) – Personal details that relate to past, present, or future physical or mental health services.
  • Personal Data – Contact details such as name, email, phone number, and address.
  • Usage Data – Automatically collected technical details such as IP address, browser type, and pages viewed.
  • Cookies – Small text files stored on your device to help our site function and measure traffic.

Information We Collect

  1. Personal Data / PHI you provide in forms, phone calls, or the patient portal (e.g., name, email, service selections, intake notes).
  2. Usage Data gathered through cookies and analytics tools to understand site performance and security.

How We Use Your Information

We process Personal Data and PHI to:

  • Schedule retreats, coaching, and appointments.
  • Confirm bookings, send reminders, and handle payments or refunds.
  • Tailor resources and improve our programs.
  • Contact you by email, phone, or text with requested information and occasional surveys (opt‑out anytime).
  • Comply with legal or regulatory requirements, maintain security safeguards, and create internal audit or compliance reports.

When We Share Information

We never sell your data. We share it only with:

  • HIPAA‑compliant Business Associates (secure email, cloud storage, payment processors) under binding agreements.
  • Mentally STRONG affiliates that help deliver the services you request.
  • Regulators or authorities when required by law or to protect safety.

All partners are contractually required to protect PHI and keep it confidential.

Data Retention

PHI is stored for at least six (6) years or longer if law requires. Non‑PHI Usage Data is retained only as long as needed for security, analytics, or site improvement.

Data Security

We encrypt PHI in transit and at rest, limit access to trained staff, and maintain audit logs. While no system is flawless, we follow the HIPAA Security Rule and other industry safeguards to reduce risk.

Important: Messages sent through general website forms or regular email are not encrypted. For sensitive matters, please use our secure Patient Portal.

Children’s Privacy

Our online services are not directed to children under 13. We do not knowingly collect data from children under 13 without verified parental consent.

Your Rights

You may request:

  • Access to or a copy of your PHI.
  • Correction of inaccurate information.
  • Restrictions on certain uses or disclosures.
  • An accounting of PHI disclosures.
  • A paper copy of this notice.

Contact us at the address below to exercise these rights.

Use of Google Analytics

We use Google Analytics with IP anonymization enabled. No PHI is sent to Google. You can disable cookies, turn off JavaScript, or use Google’s opt‑out add‑on to prevent analytics tracking.

Changes to This Policy

We may update this notice from time to time. Material changes will be posted on this page and are effective when published.

Contact Us

Questions about this policy or your rights?
Email: info@mentallystrong.com
Address: 3720 Sinton Road, Suite 104, Colorado Springs, CO 80907
Phone: (719) 493‑9555

What if you could start your journey today?

Get Your Free E-Book Now