top of page

PRIVACY POLICY

Last updated June 14, 2024

 

This privacy notice for Aura Behavioral Health, LLC ("we," "us," or "our") explains how and why we may collect, store, use, and share ("process") your information when you use our services ("Services"), such as:

  • Visiting our website or any other site that links to this privacy notice

  • Interacting with us in other ways, including service delivery, marketing, or events

Have questions or concerns? This privacy notice will help you understand your privacy rights and choices. If you disagree with our policies and practices, please do not use our Services. For any remaining questions or concerns, contact us at info@aurabehavior.com.

 

SUMMARY OF KEY POINTS

This summary highlights key points from our privacy notice. For more details on any of these topics, use our table of contents below to find the section you need.

  • When you visit, use, or navigate our Services, we may collect and process personal information based on your interactions with us, the choices you make, and features you use.

  • We may process sensitive personal information when necessary, either with your consent or as permitted by applicable law.

  • We do not gather any information from third parties.

  • We process your information to deliver, enhance, and manage our Services, communicate with you, ensure security, prevent fraud, and comply with legal obligations. Additionally, we may process your information for other purposes with your consent, always grounded in a valid legal reason.

  • We may share your information in specific situations and with certain categories of third parties.

  • We employ organizational and technical measures to protect your personal information. However, since no internet transmission or data storage technology is entirely secure, we cannot guarantee that hackers, cybercriminals, or other unauthorized individuals will not access, steal, or alter your information.

  • Depending on your location, relevant privacy laws may entitle you to specific rights concerning your personal information.

  • You can easily exercise your rights by submitting a data subject access request or reaching out to us. We will promptly review and respond to your request in compliance with applicable data protection laws.

TABLE OF CONTENTS

 

1. INFORMATION WE COLLECT

2. HOW WE PROCESS YOUR INFORMATION

3. SHARING YOUR PERSONAL INFORMATION

4. COOKIES AND TRACKING TECHNOLOGIES

5. DATA RETENTION

6. SECURITY OF YOUR INFORMATION

7. MINORS' INFORMATION

8. YOUR PRIVACY RIGHTS

9. DO-NOT-TRACK CONTROLS

10. PRIVACY RIGHTS FOR U.S. RESIDENTS

11. UPDATES TO THIS NOTICE

12. CONTACTING US ABOUT THIS NOTICE

13. REVIEWING, UPDATING, OR DELETING YOUR DATA

 

1. INFORMATION WE COLLECT

Personal information you disclose to us. We gather personal details voluntarily provided by you when you register for our Services, express interest in learning about our services, participate in activities on our platform, or contact us through various means.

This includes various types of personal information depending on your interactions with us and our Services, your choices, and the specific features you use. Examples include:

  • Names

  • Phone numbers

  • Email addresses

  • Mailing addresses

  • Usernames

  • Passwords

  • Contact preferences

  • Billing addresses

  • Debit/credit card numbers

  • Contact or authentication data

  • Job titles

Sensitive Data. We may process sensitive information, such as health data, when required and with your consent or as allowed by applicable law.

All information you provide must be truthful, complete, and accurate, and you are responsible for updating us about any changes to your personal information.

 

Automated Information Collection. When you access our Services, certain information is gathered automatically. This data does not reveal your specific identity (such as name or contact details), but it includes device and usage details such as IP address, browser type, device characteristics, operating system, language preferences, referring URLs, device name, country, location, usage patterns on our Services, and other technical information. This information is crucial for maintaining the security and functionality of our Services, and for internal analytics and reporting.

Similar to many other businesses, we utilize cookies and similar technologies for information collection.

Data We Collect

  • Log and Usage Data: This includes service-related diagnostic, usage, and performance information automatically collected by our servers when you access or use our Services. We record this data in log files, which may include your IP address, device details, browser type and settings, and activity within the Services (such as timestamps of your usage, pages viewed, files accessed, searches conducted, and actions taken like feature usage). We also capture device event information such as system activity, error reports (sometimes known as "crash dumps"), and hardware settings.

  • Device Data: We gather information about the device you use to access our Services, which could include your computer, phone, tablet, or other devices. Depending on the device, this data may encompass your IP address (or proxy server), device and application identification numbers, location data, browser type, hardware model, Internet service provider or mobile carrier, operating system, and system configuration details.

  • Location Data: We collect information about your device's location, which may range from precise to imprecise depending on your device type and settings. For instance, we may employ GPS and similar technologies to gather geolocation data based on your IP address. You can choose to opt out of providing this information by denying access or disabling Location settings on your device. However, opting out may restrict your ability to use certain features of the Services.

 

2. HOW WE PROCESS YOUR INFORMATION

We may process your personal information for various purposes, depending on your interactions with our Services, including:

  • Account Management: Facilitating account creation, authentication, and maintaining user accounts.

  • Service Delivery: Processing your information to deliver the requested services.

  • Customer Support: Addressing user inquiries and providing support for the services.

  • Administrative Communications: Sending administrative information such as updates on services, and policy changes.

  • Feedback Collection: Processing your information to request and gather feedback on our Services.

  • Security Measures: Utilizing your information to safeguard our Services, including fraud prevention.

  • Service Evaluation and Improvement: Analyzing usage patterns to evaluate and enhance our Services, marketing strategies, and user experience.

  • Usage Analysis: Processing information on how you use our Services to understand usage trends and improve them.

  • Legal Compliance: Managing your information to meet our legal obligations, respond to legal requests, and protect our legal interests.

By providing a telephone number and submitting forms on our website you are consenting to be contacted by SMS text message. Message & data rates may apply. You can reply STOP to opt-out of further messaging.

3. SHARING YOUR PERSONAL INFORMATION

Third-Party Service Providers: We only share your data with third-party vendors, service providers, contractors, or agents ("third parties") who perform services for us or on our behalf and require access to your information for these purposes. Our contracts with these third parties ensure they handle your personal information only as instructed by us, refrain from sharing it with any other entity, and commit to protecting and retaining the data securely according to our instructions.

 

We never share any personal information to third parties to market their products or services to you. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

We my also share information with third parties including funding sources (e.g., insurance, etc) and as required by law with government agencies. Please refer to our HIPAA Notice for more information on this.

Categories of third parties we may share personal information with include:

  • Cloud computing services

  • Communication and collaboration tools

  • Data analytics services

  • Government entities

  • Payment processors

  • Performance monitoring tools

    • Website hosting service providers

  • User account registration and authentication services

We may share your personal information in the following situations:

  • Business Transfers: Your information may be shared or transferred during mergers, sales of company assets, financing, or acquisitions of our business.

  • Google Maps Platform APIs: We share your information with specific Google Maps Platform APIs (e.g., Google Maps API, Places API). We also store your location ("cache") on your device. You can revoke consent by contacting us using the details provided at the end of this document.

  • Affiliates: We share your information with our affiliates, including our parent company, subsidiaries, joint ventures, or other companies under common control, who are required to adhere to this privacy notice.

  • Business Partners: Your information may be shared with our business partners to provide you with specific services.

 

4. COOKIES AND TRACKING TECHNOLOGIES

We may utilize cookies and similar tracking technologies (such as web beacons and pixels) to collect information when you interact with our Services. These technologies help us ensure Service security and account integrity, prevent crashes, resolve bugs, save your preferences, and support basic site functions.

Additionally, we allow third parties and service providers to employ online tracking technologies on our Services for analytics and advertising purposes. This includes managing and displaying advertisements, customizing ads based on your interests, and sending reminders for abandoned shopping carts, depending on your communication preferences. These third parties and service providers use their technologies to deliver personalized advertising about services, which may appear on our Services or other websites.

If these online tracking technologies are considered a "sale" or "sharing" under applicable US state laws (including targeted advertising as defined), you can opt out by submitting a request as described in the "PRIVACY RIGHTS FOR U.S. RESIDENTS" section below.

Detailed information on how we use these technologies and how you can manage certain cookies is available in our Cookie Notice.

Google Analytics

We may share your information with Google Analytics to analyze and track the usage of our Services. Google Analytics Advertising Features we may use include Google Analytics Demographics and Interests Reporting. To opt out of Google Analytics tracking across our Services, visit https://tools.google.com/dlpage/gaoptout. You can also manage Google Analytics Advertising Features through Ads Settings and Ad Settings for mobile apps. Other opt-out methods are available at http://optout.networkadvertising.org/ and http://www.networkadvertising.org/mobile-choice. For more details on Google's privacy practices, please review the Google Privacy & Terms page.

 

5. DATA RETENTION

We will retain your personal information only as long as necessary for the purposes outlined in this privacy notice, unless a longer retention period is mandated or permitted by law (such as for tax, accounting, or other legal requirements). None of the purposes described in this notice necessitate retaining your personal information beyond the duration of your account with us.

When we no longer have a legitimate business need to process your personal information, we will either delete or anonymize it. If deletion or anonymization is not feasible (for example, if your personal information is stored in backup archives), we will securely store it and prevent any further processing until deletion becomes feasible.

 

6. SECURITY OF YOUR INFORMATION

We've implemented strong security measures to protect your personal information. However, no electronic transmission or storage system is completely secure. While we strive to safeguard your data, we cannot guarantee that unauthorized third parties won't breach our security and access or manipulate your information. Your use of our Services involves risks associated with transmitting personal information over the Internet, so it's advisable to access our Services in a secure environment.

 

7. MINORS' INFORMATION

We do not intentionally collect, solicit, or market to children under 18 years of age, nor do we sell their personal information. By using our Services, you affirm that you are at least 18 years old or that you are a parent or guardian consenting to the use of our Services by a minor. If we discover that we have inadvertently collected personal information from someone under 18 years old, we will deactivate the account and take immediate steps to delete such information from our records. If you are aware of any personal data we may have collected from children under age 18, please contact us at info@aurabehavior.com.

 

8. YOUR PRIVACY RIGHTS

If we rely on your consent to process your personal information, whether it's express or implied consent under applicable law, you have the right to withdraw your consent at any time. You can do so by contacting us using the details provided in the "CONTACTING US ABOUT THIS NOTICE" section below.

Please be aware that withdrawing your consent will not affect the legality of processing conducted before the withdrawal, nor will it affect processing that is justified by other lawful grounds as permitted by applicable law.

 

To review, update, or terminate your account:

  • Log in to your account settings to manage your user profile.

  • Upon requesting account termination, we will deactivate or delete your account and information from our active databases. Some data may be retained in our files for fraud prevention, troubleshooting, investigations, enforcing legal terms, or complying with legal requirements.

For questions regarding your privacy rights, contact us at info@aurabehavior.com.

 

9. DO-NOT-TRACK CONTROLS

Most web browsers and some mobile operating systems and applications offer a Do-Not-Track ("DNT") feature to indicate your preference against having your online browsing activities monitored and collected. Currently, there is no established technology standard for recognizing and implementing DNT signals. Therefore, we do not currently acknowledge DNT browser signals or any other automated mechanism indicating your choice not to be tracked online. If a standard for online tracking emerges that we must adhere to in the future, we will update this privacy notice accordingly.

Under California law, we are required to disclose how we handle web browser DNT signals. Due to the absence of an industry or legal standard for recognizing or honoring DNT signals, we do not currently act upon them.

10. PRIVACY RIGHTS FOR U.S. RESIDENTS

If you reside in California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Montana, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have rights to access, receive details about, correct inaccuracies in, obtain a copy of, or delete your personal information held by us, as well as to withdraw your consent to our processing of your personal information. These rights may be subject to limitations under applicable law. Further details are provided below.

​​​​​​​​​​​​​Categories of Personal Information We Collect

We may have collected the following categories of personal information in the past twelve (12) months:

A. Identifiers. E.g., Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account name - YES

 

B. Personal information as defined in the California Customer Records statute. E.g., Name, contact information, education, employment, employment history, and financial information - YES

 

C. Protected classification characteristics under state or federal law. E.g., Gender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic data - YES

D. Commercial information. E.g., Transaction information, purchase history, financial details, and payment information - NO

E. Biometric information. E.g., Fingerprints and voiceprints - NO

F. Internet or other similar network activity. E.g., Browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisements - NO

G. Geolocation data. E.g., Device location - YES

H. Audio, electronic, sensory, or similar information. E.g., Images and audio, video or call recordings created in connection with our business activities - NO

I. Professional or employment-related information. E.g., Business contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with us - YES

J. Education Information. E.g., Student records and directory information - NO

K. Inferences drawn from collected personal information. E.g., Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics - NO

L. Sensitive personal Information. E.g., Account login information, contents of email or text messages, debit or credit card numbers, drivers' licenses, health data, national origin, personal data from a known child, precise geolocation, state id card numbers and status as transgender or nonbinary (all of which is voluntary created/provided by you) - YES

We collect sensitive personal information as defined by applicable privacy laws or with your consent. This information may be shared with service providers for specified purposes, and you may have the right to limit its use or disclosure. We do not use sensitive personal information to infer characteristics about you. Additionally, we collect other personal information through interactions such as customer support, surveys, and facilitating service delivery and responses to inquiries.

We retain collected personal information as necessary to provide services or for specific purposes outlined in:

  • Category A: Up to seven years or as required by law.

  • Category B: Up to seven years or as required by law.

  • Category C: Up to seven years or as required by law.

  • Category G: Up to seven years or as required by law.

  • Category I: Up to seven years or as required by law.

  • Category L: Up to seven years or as required by law.

For details on the sources of personal information we collect, refer to "INFORMATION DO WE COLLECT". To understand how we use your personal information, see "HOW WE PROCESS YOUR INFORMATION". We collect and share your personal information through:

  • Click redirects: Central Reach Client Portal and IntakeQ Client Portal

We may disclose your personal information to service providers under written contracts. Learn more about disclosures in "SHARING YOUR PERSONAL INFORMATION" and HIPPA NOTICE.

We may use your personal information internally for purposes such as research and technological development, which is not considered "selling" your personal information.

In the past twelve months, we have not sold or shared any personal information with third parties for business or commercial purposes. Categories of personal information disclosed to third parties for business or commercial purposes can be found under "SHARING YOUR PERSONAL INFORMATION".

 

Your Rights. You have rights under various US state data protection laws, although these rights are subject to limitations allowed by law. They include:

  • Right to know whether we process your personal data

  • Right to access your personal data

  • Right to correct inaccuracies in your personal data

  • Right to request deletion of your personal data

  • Right to obtain a copy of your personal data previously provided

  • Right to non-discrimination for exercising these rights

  • Right to opt out of processing your personal data for targeted advertising, sale of personal data, or profiling

Depending on your state, you may also have rights such as:

  • Right to receive a list of categories of third parties with whom we share personal data

  • Right to receive a list of specific third parties with whom we share personal data

  • Right to limit use and disclosure of sensitive personal data

  • Right to opt out of collection of sensitive data and personal data through voice or facial recognition features

How to Exercise Your Rights. To exercise these rights, contact us via a data subject access request or email us at info@aurabehavior.com. Contact details are provided at the end of this document.

We respect your opt-out preferences set through the Global Privacy Control (GPC) opt-out signal in your browser.

 

Under some state laws, you can appoint an authorized agent to make requests on your behalf. We may require proof of authorization before processing requests from agents.

Request Verification. Upon receiving your request, we will verify your identity to ensure we have the correct person's information. We will only use the information provided for verification purposes. If additional information is needed, we will request it for security and fraud prevention.

 

If your request is submitted by an authorized agent, additional information may be required for identity verification, and a written authorization from you will be needed.

Appeals. If we decline your request, you may appeal by emailing us at info@aurabehavior.com. We will provide a written explanation of our decision. If your appeal is denied, you can file a complaint with your state attorney general.

California "Shine The Light" Law. California residents can request, once a year and free of charge, information about personal information categories disclosed for direct marketing purposes and third parties with whom personal information was shared in the previous year. Submit requests in writing using the contact details provided in "CONTACTING US ABOUT THIS NOTICE"

 

11. UPDATES TO THIS NOTICE

We may periodically revise this privacy notice. The updated version will be marked with a new "Revised" date at the top. If there are significant changes, we may notify you through prominent posting or direct notification. Please check this notice regularly to stay informed about how we safeguard your information.

 

12. CONTACTING US ABOUT THIS NOTICE

For questions or comments about this notice, email us at info@aurabehavior.com or contact us by post at:

Aura Behavioral Health, LLC

1300 Ethan Way

Ste 200

Sacramento, CA 95825

United States

 

13. REVIEWING, UPDATING, OR DELETING YOUR DATA

Depending on the laws in your country or state of residence in the US, you might have the right to access the personal information we collect, receive details about its processing, correct inaccuracies, or request deletion. You may also be able to withdraw your consent for processing your personal information. These rights could be subject to limitations under applicable law. To request a review, update, or deletion of your personal information, please complete and submit a data subject access request form.

bottom of page