Privacy Policy

Scope of this policy

This Privacy Policy applies to beehivehealthy.com and the digital tools we run on it (contact forms, scheduling links, newsletter sign-ups, the accessibility widget, and the embedded chat assistant). It does not cover information you provide once you become a patient and enter our Electronic Medical Record (EMR) — that data is governed by HIPAA and our Notice of Privacy Practices.

By using the site you agree to the practices described here. If you do not agree, please don't submit information through the site.

Information we collect

Information you give us

• Name, email address, phone number, and the city/state you live in
• The reason you're reaching out (general interest, scheduling, billing question, etc.)
• Anything you choose to type into a free-text field, including discovery-call notes

Information collected automatically

• Device and browser type, operating system, screen size, and language
• IP address (truncated where possible) and approximate city-level location
• Pages visited, links clicked, time on page, and referring URL
• Cookie and local-storage identifiers used to remember preferences and measure traffic

What we do NOT collect on the website

Do not submit Protected Health Information (PHI) through public forms — diagnoses, medications, lab values, symptoms, or anything you would only share with a clinician. Web forms are not a HIPAA-secure channel. Save those details for our EMR portal after onboarding.

How we use information

• Reply to inquiries and schedule discovery calls or visits
• Deliver, maintain, and improve the services and content on the site
• Send communications you've asked for (e.g., appointment confirmations, newsletters)
• Detect and prevent fraud, abuse, and security incidents
• Meet our legal, regulatory, and professional obligations

We don't use website data to make automated decisions that produce legal or similarly significant effects on you.

Legal bases & how long we keep it

Depending on the activity, we rely on your consent, our legitimate interest in operating a healthcare practice, or the need to take steps at your request before becoming a patient.

• Contact form submissions: retained for up to 24 months, then deleted.
• Newsletter subscribers: retained until you unsubscribe.
• Analytics & cookie data: retained for up to 14 months in aggregate form.
• Patient records (EMR): retained per Utah medical-record retention requirements — covered separately by HIPAA, not this policy.

Sharing of information

We do not sell your personal information and we do not share it for cross-context behavioral advertising.

We share limited information only with:

• Service providers who run the website, email, scheduling, and analytics on our behalf, under written contracts
• Payment processors that handle card transactions for cash-pay services
• Authorities when required by law, subpoena, or to protect the safety of patients, staff, or the public
• A successor entity in the event of a merger, acquisition, or sale of assets — with notice to you

Cookies & tracking technologies

We use a small number of first-party cookies to remember your preferences (such as accepting our cookie banner and accessibility settings) and a privacy-respecting analytics tool to understand which pages are useful.

You can control cookies through your browser settings or by re-opening our cookie banner from the site footer. Blocking all cookies may break parts of the site (for example, the accessibility menu may forget your choices).

Your choices & rights

Depending on where you live, you may have the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Delete information we no longer need to keep
• Opt out of marketing emails (use the unsubscribe link in any newsletter)
• Lodge a complaint with a data protection or consumer-protection authority

To exercise any of these rights, email contact@beehivehealthy.com. We'll respond within 30 days and may need to verify your identity before acting on the request.

How we protect information

We use industry-standard administrative, technical, and physical safeguards — TLS encryption in transit, access controls on internal systems, vendor due-diligence, and staff training. No method of transmission over the Internet is 100% secure, so we encourage you to use our secure EMR portal for any sensitive health communication.

Children's privacy

The website is intended for an adult audience. We don't knowingly collect personal information from children under 13 through the site. If you believe a child has provided information, contact us and we will delete it.

Changes to this policy

We may update this policy as our practice, technology, or the law evolves. Material changes will be flagged at the top of the page with a new effective date. Continued use of the site after the update means you accept the revised policy.