Faith Haas Therapy

Privacy

Privacy Policy

Faith Haas Therapy

Faith Haas, LMFT | License No. 163370

Effective date: June 1, 2026

Last revised: June 24, 2026

1. Overview

This Privacy Policy describes how Faith Haas Therapy (“Practice,” “we,” “our,” “us”) collects, uses, and shares information through this website (faithhaas.com or any successor or any successor domain). It applies to information collected through the website, including contact forms, scheduling tools, and any other interactive features.

This Privacy Policy governs website data collection only. If you become a client, your health information is governed separately by our Notice of Privacy Practices, which describes your rights under HIPAA and California law.

This website is operated from the State of California. This Privacy Policy complies with the California Online Privacy Protection Act (CalOPPA), the California Consumer Privacy Act (CCPA), and the California Privacy Rights Act (CPRA), where applicable.

2. Information We Collect

A. Information You Provide Directly

When you interact with this website, you may voluntarily provide:

  • Contact form submissions: Your name, email address, phone number, and the content of your message
  • Scheduling and intake forms: If you use our integrated scheduling platform (SimplePractice), you may provide contact and scheduling information. That platform's own privacy policy also applies to information you submit through it
  • Email correspondence: If you contact us by email, we retain the content of that communication

B. Information Collected Automatically

When you visit this website, certain information is collected automatically:

  • Log data: Your Internet Protocol (IP) address, browser type and version, pages visited, time and date of visits, time spent on pages, and referring URL
  • Device information: Device type, operating system, and screen resolution
  • Cookies and similar technologies: See Section 4 (Cookies) below
  • Analytics data: This website may use analytics tools (such as Google Analytics or a privacy-respecting alternative) that collect aggregated, anonymized usage data to help us understand how visitors use the site

C. Sensitive Information

We do not intentionally collect sensitive personal information through this website, including mental health information, health conditions, financial account numbers, Social Security numbers, or government-issued ID numbers. Do not submit sensitive health information through any web form on this site. If you become a client, your clinical information is collected and protected under separate HIPAA-compliant procedures.

3. How We Use Your Information

We use information collected through this website for the following purposes:

  • To respond to your inquiries and communications
  • To schedule appointments and manage our calendar
  • To send administrative communications about your appointment
  • To improve the content, functionality, and usability of this website
  • To analyze aggregate website traffic and usage patterns
  • To comply with applicable legal obligations
  • To protect the safety and security of the website and our users

We do not use your information for advertising, behavioral profiling, or any commercial purpose unrelated to your care or inquiry.

4. Cookies

Cookies are small text files placed on your device by websites you visit. This website may use:

  • Strictly necessary cookies: Required for the website to function (e.g., session management)
  • Analytics cookies: Used to understand traffic patterns in aggregate (e.g., page views, session duration). These may be set by third-party analytics services.
  • Functional cookies: Used to remember your preferences (e.g., your language or location settings)

This website does not use advertising cookies or cross-site tracking cookies.

You may control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Refusing cookies may affect some functionality of the site.

Do Not Track: California Business and Professions Code §22575(b)(5) requires websites to disclose whether they honor Do Not Track (DNT) signals. This website does not currently alter its behavior in response to DNT signals. If that changes, this Policy will be updated.

5. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties for commercial purposes. We may share information in the following limited circumstances:

Service providers. We may share information with vendors who provide services on our behalf, such as website hosting, email delivery, and scheduling software (including SimplePractice). These vendors are permitted to use your information only to provide services to us and are bound by appropriate confidentiality obligations.

Legal compliance. We may disclose information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect the rights, property, or safety of the Practice, our clients, or the public.

Business transfers. In the event of a sale, merger, or transfer of the Practice, client records and website data may be transferred, subject to applicable law governing health information.

With your consent. We may share your information for any other purpose with your explicit consent.

We do not share your personal information with third parties for their own marketing or commercial purposes.

6. Third-Party Services

This website may incorporate tools or links from third parties, including:

  • SimplePractice: Our client scheduling and telehealth platform. If you use the booking widget or client portal, SimplePractice's Privacy Policy governs information you submit through those tools. SimplePractice is a HIPAA Business Associate.
  • Google Analytics (or equivalent): Used for aggregate website traffic analysis. Google's Privacy Policy governs data collected through this service. You may opt out using the Google Analytics Opt-Out Browser Add-on.

When you click on links to third-party websites, you leave this website. We are not responsible for the privacy practices of those sites.

7. California Privacy Rights

If you are a California resident, the following rights apply to the personal information we collect through this website.

Right to Know. You have the right to request that we disclose what personal information we have collected about you, the categories of sources from which it was collected, the purposes for which it was used, and any categories of third parties with whom it was shared.

Right to Delete. You have the right to request deletion of personal information we have collected about you, subject to certain exceptions (e.g., information we are legally required to retain).

Right to Correct. You have the right to request correction of inaccurate personal information we hold about you.

Right to Opt Out of Sale or Sharing. We do not sell or share your personal information for cross-context behavioral advertising. If our practices change, we will update this Policy and provide a mechanism to opt out.

Right to Limit Use of Sensitive Personal Information. To the extent we collect sensitive personal information (as defined under CPRA), you have the right to limit our use of that information to what is necessary to provide the services you requested.

Right to Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights.

Submitting a Request. To exercise any of these rights, contact us at:

We will respond to a verifiable consumer request within 45 days, as required by California law, and may request information from you to verify your identity before processing your request.

8. Children's Privacy

This website is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child under 13, please contact us immediately and we will delete it.

California minors under 18 may request removal of publicly posted content they submitted to this website. To make such a request, contact us at the information below.

9. Data Retention

We retain personal information collected through this website for as long as necessary to fulfill the purposes described in this Policy or as required by law. Contact form submissions and scheduling inquiries are generally retained for 12 months. Website analytics data is retained in aggregate form.

Clinical records for clients are retained in accordance with California law and our Notice of Privacy Practices.

10. Security

We implement reasonable administrative, technical, and physical safeguards to protect personal information collected through this website from unauthorized access, use, or disclosure. Our scheduling and client management platform (SimplePractice) is HIPAA-compliant and uses industry-standard encryption.

No method of data transmission or storage is completely secure. We cannot guarantee absolute security of your information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last Revised” date at the top of this page. We encourage you to review this Policy periodically. Continued use of the website after changes are posted constitutes your acceptance of the revised Policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy, or to exercise your California privacy rights, contact: