Myndworx

Menu

Myndworx Privacy Policy

Effective Date: January 1, 2026 Better Self pllc DBA Myndworx (“Myndworx,” “we,” “us,” or “our”) is committed to protecting the privacy, confidentiality, and security of personal information entrusted to us. As a mental health provider, we adhere to professional, ethical, and legal standards designed to safeguard client information, including the Health Insurance Portability and Accountability Act (HIPAA) and applicable federal and state privacy laws. This Privacy Policy explains how we collect, use, store, and protect information obtained through our website (www.myndworx.net ), email communications, and other interactions with clients, prospective clients, and visitors.

  1. Scope of This Policy

This Privacy Policy applies to:

  • Current and former clients

  • Prospective clients

  • Website visitors

  • Individuals who receive email or SMS communications from Myndworx This policy does not replace client-specific privacy notices, informed consent documents, or the HIPAA Notice of Privacy Practices provided at the start of clinical services.

  1. Information We Collect

A. Personal Information You Provide

We may collect personal information when you:

  • Request services or information

  • Schedule appointments

  • Complete contact, intake, or onboarding forms

  • Subscribe to or receive email or SMS communications

  • Communicate with us via phone, email, text message, or website forms This information may include:

  • Name

  • Email address

  • Phone number and/or SMS number

  • Preferred method of contact

  • Dates of onboarding and last service interaction

  • General demographic or administrative information

B. Clinical and Health Information

If you become a client of Myndworx, we collect additional information necessary to provide mental health services, including protected health information (PHI), such as:

  • Intake and assessment information

  • Treatment records and clinical notes

  • Appointment, billing, and payment records Clinical information is collected, stored, and protected using a HIPAA-compliant electronic health record (EHR) system with a Business Associate Agreement (BAA) in place and in accordance with applicable state and federal laws.

C. Website and Technical Information

When you visit our website, we may automatically collect limited technical information, such as:

  • IP address

  • Browser type and device information

  • Pages visited and time spent on the site This information is used for website functionality, security, and basic analytics and does not, by itself, identify you personally.

  1. How We Use Information

We use collected information only for legitimate clinical, administrative, and business purposes, including:

  • Providing and coordinating mental health services

  • Communicating with clients regarding appointments, services, billing, or administrative matters

  • Sending informational, educational, or wellness-related communications

  • Improving our services, website, and client experience

  • Complying with legal, ethical, and regulatory requirements We do not sell, rent, or trade personal or clinical information.

  1. Data Storage and Systems

A. Clinical Data Storage

Clinical and billing information is stored within a secure, HIPAA-compliant electronic health record system. Access is restricted to authorized individuals only, including:

  • The individual treating clinician

  • The practice owner

  • The practice manager

  • Billing personnel with billing-only access Each authorized user is assigned a unique login and required to use multi-factor authentication (2FA).

B. Website Forms and WordPress Storage

Information submitted through website forms is collected through WordPress-based form plugins and stored in the website’s database hosted by our web hosting provider. This may include:

  • Contact and inquiry forms

  • Non-clinical intake or interest forms Form submission data may be:

  • Viewed within the WordPress dashboard via the applicable form plugin

  • Stored in the WordPress database tables

  • Exported for administrative follow-up when necessary Website hosting analytics may also collect server-level activity data (such as access logs), which does not include the content of submitted forms.

C. Email Marketing Data

Marketing and newsletter communications are managed through a separate email platform from clinical systems. Information stored in this system may include:

  • Name

  • Email address

  • Phone or SMS number

  • Client or subscriber status (current, former, or non-client subscriber)

  • Dates of onboarding and last interaction No clinical records or treatment details are stored or transmitted through marketing platforms. All data is stored on servers located within the United States.

  1. Email Communications and Marketing

Myndworx may send periodic emails to current and former clients and individuals who have interacted with our practice. These communications may include:

  • Practice updates

  • Educational or wellness content

  • Blog articles and newsletters

  • Service announcements

Opt-In and Opt-Out

  • Individuals are included in our email list based on a prior relationship with Myndworx or consent provided.

  • You may opt out of marketing or informational emails at any time using the unsubscribe link in each email.

  • Opting out of marketing emails does not affect essential communications related to appointments, billing, or required administrative notices. We comply with the CAN-SPAM Act and applicable email communication laws.

  1. Text Messaging (SMS)

If you choose to receive SMS messages, they may be used for:

  • Appointment reminders

  • Scheduling updates

  • Administrative notifications SMS participation is voluntary. You may opt out at any time by following the instructions in the message or contacting us directly.

  • With your consent or based on your prior relationship with Myndworx, we may also send limited SMS messages for informational or marketing purposes. These messages may include wellness tips, practice updates, or notifications about new resources or services. Marketing SMS messages are managed separately from clinical communications and do not include protected health information (PHI). You may opt out of marketing or informational text messages at any time by replying STOP or by contacting us directly. Opting out of SMS marketing will not affect your ability to receive essential appointment, billing, or administrative communications.

  1. Protection of Client Confidentiality and Security

Protecting client confidentiality is fundamental to our work. Our safeguards include:

  • HIPAA-compliant electronic systems with BAAs

  • Encrypted data storage and transmission where applicable

  • Role-based access controls

  • Individual user accounts with multi-factor authentication

  • Staff and contractor training on privacy and confidentiality

  • Device security requirements, including password-protected devices and secure internet connections Secure Wi-Fi is required for system access, except in limited circumstances (such as clinician travel) and only with appropriate safeguards and client consent.

  1. Sharing of Information

We may share information only when:

  • Necessary for treatment, payment, or healthcare operations

  • Required by law (e.g., court orders, mandatory reporting)

  • Necessary to prevent serious harm to a client or others

  • With trusted service providers who are contractually obligated to protect confidentiality and data security. Clinical information is never shared for marketing purposes.

  1. Data Retention and Deletion

  • Clinical records are retained for seven (7) years from the date of last contact or, for minors, seven (7) years from the age of majority, in accordance with legal and professional standards.

  • Marketing and newsletter data is retained only while an individual remains subscribed. Upon opt-out, marketing data is removed entirely, except where minimal retention is required to honor unsubscribe requests. When information is no longer required, it is securely deleted or destroyed.

10. Data Breach and Incident Response

In the event of a data breach or unauthorized access, Myndworx will follow applicable federal and state laws, including HIPAA breach notification requirements. Affected individuals will be notified as required.

11. Your Rights

Depending on your relationship with Myndworx, you may have the right to:

  • Request access to your information

  • Request corrections to inaccurate information

  • Withdraw consent for non-essential communications

  • File a complaint regarding privacy concerns Clients receive additional rights and disclosures through Myndworx’s HIPAA Notice of Privacy Practices.

12. Children’s Privacy

Myndworx does not knowingly collect personal information from individuals under the age of 13 through our website.

13. Changes to This Policy

We may update this Privacy Policy periodically. Updates will be posted on our website with a revised effective date.

14. Contact Information

If you have questions about this Privacy Policy or our privacy practices, please contact:
Myndworx Website: www.myndworx.net
Email: admin@myndworx.net
Phone: 571-206-1121

By engaging with Myndworx, visiting our website, or receiving our communications, you acknowledge that you have reviewed this Privacy Policy.