Privacy policy

This policy describes how Book Therapy Session collects, uses, stores, and shares information from people who visit the site or submit the matching form. We aim to handle your information in line with HIPAA (the Health Insurance Portability and Accountability Act), the relevant state privacy laws, and standard industry security practices.

Information we collect

When you submit the matching form: we collect the information you provide — first and last name, email address, phone number, ZIP code, insurance choice, care preferences, and the mental-health concerns or specialties you select. This combination constitutes protected health information (PHI) under HIPAA, and we handle it accordingly.

When you browse the site: our hosting provider may collect standard server logs (IP address, request timestamp, requested URL, user agent). We do not associate this browsing data with your identity unless you submit the matching form. We use privacy-respecting analytics that do not require cookies or personally identify you, and we do not send any health information to analytics services.

What we don't collect: we do not use third-party advertising trackers. We do not place cookies for advertising or remarketing. We do not sell your information.

How we use your information

Information from the matching form is used to route your inquiry to a therapist's intake coordinator, who then contacts you to discuss your needs and schedule. We use your contact information to follow up on your inquiry. We may also use de-identified data — with all personal and health information stripped — for internal quality improvement, capacity planning, and aggregate reporting (e.g., “this quarter we routed N inquiries, with the most common specialty being X”). De-identified data cannot be re-linked to you.

How we store and protect your information

The matching-form data is transmitted over TLS (HTTPS) to a HIPAA-eligible vendor with whom we maintain a signed Business Associate Agreement (BAA). Data is stored encrypted at rest with industry-standard encryption. Access is limited to the intake coordinator at the routed practice and to authorized Book Therapy Session personnel for support and audit purposes. We log access for compliance review.

We retain matching-form submissions for the period required by applicable state and federal law (typically 6-10 years for mental-health-related records) and then securely delete them. You may request earlier deletion of your data — see “Your rights” below.

Who we share information with

The therapists in this directory maintain independent practices. When you submit the matching form, we share the information you provided with the intake coordinator at the practice we route you to. That practice operates under its own privacy policies and Notice of Privacy Practices, which they will provide once you become a client.

We use a small number of vendors to deliver email, host the site, and operate the matching service. Each vendor that handles PHI is covered by a signed BAA. We do not share PHI with any other parties except as required by law (court order, subpoena, public-health reporting, or other legally compelled disclosure).

Your rights

You have the right to inspect, request a copy of, request correction of, or request deletion of the information we hold about you. You have the right to withdraw your authorization for our use of your information at any time. You have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights if you believe your privacy rights have been violated.

To exercise any of these rights, email [email protected]. We will respond within 30 days. If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA); we honor those rights on request.

Cookies and tracking

We use only the cookies strictly necessary to operate the site (for example, remembering your filter selections on the therapist directory). We do not place advertising or remarketing cookies. We do not use third-party tracking pixels.

Children

This directory is not directed to children under 13, and we do not knowingly collect information from children under 13. If you are a parent or guardian seeking therapy for a child, please submit the matching form yourself and indicate that the therapist is for your child. If you believe we have collected information from a child under 13, contact us and we will delete it.

Crisis content

Book Therapy Session is not a crisis service. If you are in immediate danger, call 911. For mental-health crisis support, call or text 988 — the Suicide & Crisis Lifeline, available 24 hours a day across the U.S.

Changes to this policy

We may update this policy from time to time. Material changes will be posted to this page with an updated effective date. Continued use of the site after changes constitutes acceptance of the updated policy.

Contact

For privacy questions or to exercise the rights above, email [email protected].