Privacy Policy for Social Stamina Behavioral Consult Services, Inc. (Updated July 16, 2025)

We value your privacy and are committed to protecting the personal and health-related information you provide when visiting our website. We do not sell your personal information, use it for advertising, or allow third parties to market to you. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

1. Information We Collect We collect the following types of information:

• Personal Information: Your name, email address, phone number, or other contact details only when you fill out forms or request an appointment.

• Health Information: When completing self-assessments or intake forms, you may voluntarily provide information related to your mental health. This information is treated as confidential and may be used to initiate care or evaluate eligibility for services.

• Technical Data: Your IP address, device type, pages visited, and general location (city/state) as collected by Google Analytics.

2. How We Use Your Information We use your information to:

• Respond to inquiries and schedule appointments

• Assess potential client needs through intake forms

• Improve our website functionality and user experience using aggregate traffic data from Google Analytics

3. Cookies and Analytics Our site uses Google Analytics to understand how visitors use our site. This tool collects non-identifiable data such as pages visited and time spent on site. It may use cookies to track session data, but we have configured it to anonymize IP addresses and avoid collecting personally identifiable information.

You may opt out of Google Analytics tracking by using browser-based tools like the Google Analytics Opt-Out Add-on.

4. Confidentiality of Communications (California Residents) Under the California Invasion of Privacy Act (CIPA), California residents are entitled to know when their communications are being recorded or monitored.

• We do not use session replay software, chat widgets, or third-party marketing pixels.

• Form submissions and self-assessment data are stored securely and are not shared with third parties.

• Google Analytics is used only in a limited, non-invasive way and does not collect or transmit the content of your communications or form entries.

By using our website, you consent to the collection of technical data described above.

5. HIPAA and Medical Information If you submit health-related information via our forms, it may be considered Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA).

We treat this information with the same confidentiality as medical records, and use it only for legitimate healthcare operations.

We will never share PHI with third parties without your explicit consent, unless required by law.

HIPAA Authorizations and Consent: Before sharing your Protected Health Information (PHI) for purposes other than treatment, payment, or healthcare operations, we are required to obtain your written authorization. Authorization Process: – All authorizations must be in writing on our standard HIPAA-compliant authorization form – You have the right to revoke an authorization at any time by submitting a written request – We maintain records of all authorizations and revocations – We will not condition treatment on whether you sign an authorization

6. Data Security We take appropriate technical and administrative steps to protect your data from unauthorized access, use, or disclosure. All submitted data is encrypted in transit, and access is limited to authorized personnel.

We understand the special privacy considerations for minors seeking mental healthcare services and are committed to protecting the privacy of children while respecting legal guardian rights. Collection of Information from Minors: – For children under 13, we require verifiable parental consent before collecting personal information online – For adolescents 13-17, we follow applicable state laws regarding minor consent for mental health services – Self-assessment tools on our website are intended for adult use or for use by minors with parental involvement.

7. Your Rights You have the right to:

• Access or request a copy of the personal data we hold about you

• Request corrections to your information

• Withdraw consent to our data processing (where applicable)

8. Data Breach Notification Despite our security measures, if a breach of unsecured Protected Health Information occurs, we follow specific notification procedures in compliance with HIPAA and relevant state laws.

In the event of a breach, we will: – Conduct a thorough risk assessment to determine the nature and extent of the breach – Notify affected individuals without unreasonable delay and no later than 60 days after discovery – Provide written notification by first-class mail (or email if preferred) – Include details about what happened, what information was involved, steps individuals can take for protection, what we are doing to investigate and mitigate harm, and contact information for questions

9. Do Not Track (DNT) Signals Some web browsers include a “Do Not Track” feature that signals to websites you visit that you do not want your online activity tracked. California law requires us to disclose how we respond to such DNT signals.

Our Response to DNT Signals At this time, our website does not respond to “Do Not Track” browser settings or signals. This is because there is no universally accepted standard for how such signals should be interpreted or responded to.

10. Changes to This Policy We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised effective date. We encourage you to review it periodically.

If you have any questions or concerns about this Privacy Policy or our data practices, or would like to opt-out, please contact us at 841 Mohawk Street, Suite 250, Bakersfield, CA 93309 or 661-742-1117.