Privacy Policy

Effective Date: March 17, 2025

Hearthstone Wellness LLC, Laura Wilcoxen LLC, and Hearthstonewellness.co (collectively, “we,” “us,” or “our”) are committed to protecting your privacy and handling your information in accordance with applicable laws, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA), where applicable. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit Hearthstonewellness.co (the “Website”) or submit information through forms. By using the Website, you agree to this policy.

1. Information We Collect

We collect information you voluntarily provide and certain technical data automatically.

  • Personal Information: Name, email address, phone number, and other details you provide through contact or inquiry forms.

  • Optional Information: Any additional information you include, which may relate to wellness concerns, counseling interests, or personal circumstances.

  • Automatically Collected Information: IP address, browser type, device data, referring URLs, and site usage information collected via cookies or similar technologies.

Important: Information submitted through this Website is not considered secure or confidential health information and should not include sensitive medical or mental health details.

2. Protected Health Information (PHI)

Protected Health Information (PHI) is information created or received in the course of providing health care services that identifies an individual and relates to their physical or mental health.

  • PHI is only collected, used, and maintained through secure, HIPAA-compliant systems (such as your client portal, intake system, or electronic health record), not through standard website forms.

  • If you become a client, your PHI will be handled in accordance with our Notice of Privacy Practices (NPP), which provides detailed information about how your health information is used and protected, and your rights under HIPAA.

3. How We Use Your Information

We use non-PHI information collected through the Website to:

  • Respond to inquiries and communicate about services.

  • Provide requested information or schedule consultations.

  • Improve website performance and user experience.

  • Send updates or resources if you opt in.

  • Meet legal, ethical, or regulatory obligations.

We do not use website-submitted information as part of your clinical record unless it is transferred into a secure system.

4. How We Share Your Information

We do not sell or rent your personal information.

We may share limited information in the following circumstances:

  • Service Providers: With trusted vendors (e.g., website hosting, scheduling tools, secure practice management platforms) who are contractually required to safeguard data. HIPAA-compliant vendors will have Business Associate Agreements (BAAs) in place where required.

  • Legal Requirements: When disclosure is required by law, court order, or regulatory authority.

  • Business Transfers: In connection with a merger or sale, with appropriate notice.

5. Security Measures

We use reasonable administrative, technical, and physical safeguards to protect your information.

  • Website communications are not guaranteed to be secure.

  • Secure, encrypted systems are used for any collection or storage of PHI.

  • Access to sensitive data is restricted to authorized individuals.

Despite these measures, no online system is completely secure.

6. Your Rights

For general website data, you may:

  • Request access to or correction of your information.

  • Request deletion, where legally permissible.

  • Opt out of marketing communications.

For PHI (if you become a client), your rights are governed by HIPAA and outlined in our Notice of Privacy Practices, including rights to access, amend, restrict, and receive an accounting of disclosures.

7. Cookies and Tracking Technologies

We use cookies and similar tools to improve functionality and analyze website traffic. You can control cookie settings through your browser, though disabling them may affect site performance.

8. Third-Party Links

Our Website may link to third-party services. We are not responsible for their privacy practices. Please review their policies independently.

9. Children’s Privacy

This Website is not intended for individuals under 13, and we do not knowingly collect their information. If such data is identified, we will delete it promptly.

10. Website vs. Clinical Communication

  • The Website is intended for general information and initial contact only.

  • It should not be used for urgent concerns, emergencies, or transmission of sensitive health information.

  • If you are in crisis, call 911 or go to your nearest emergency room.

11. Notice of Privacy Practices (NPP)

If you engage in services with Hearthstone Wellness LLC or Laura Wilcoxen LLC, you will receive a separate Notice of Privacy Practices. This document explains:

  • How your PHI is used and disclosed.

  • Your rights under HIPAA.

  • Our legal duties to protect your health information.

12. International Users

If you access this Website from outside the United States, your data may be transferred and processed in the U.S. We take reasonable steps to ensure appropriate protections are in place.

13. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be reflected by updating the Effective Date. Continued use of the Website constitutes acceptance of those changes.

14. Contact Information

For questions about this Privacy Policy or your information:

Hearthstone Wellness LLC
Laura Wilcoxen LLC
Email: info@laurawilcoxen.com
Website: https://www.hearthstonewellness.co