Safe Harbor Counseling Institute – Privacy Policy

This Privacy Policy describes how Safe Harbor Counseling Institute (“we”, “our” or “us”) collects, uses, shares, and protects your personal information. It applies to information collected when you use our website (“Site”) at https://safeharborcci.org, when you communicate with us through the Site, over the phone, via email or by text message, and when you receive counseling services from us. By using the Site or providing us with your information, you consent to the practices described in this Policy.

Personal Information

We Collect We collect personal information that you voluntarily provide to us and certain information automatically when you interact with our Site. The types of personal information we may collect include: Contact details (such as your name, mailing address, email address, and phone number).

Demographic information (such as age and gender) and other information you choose to provide when you complete forms or communicate with us. Health‑related or insurance information you provide in connection with counseling services, which may constitute protected health information under applicable law (“PHI”).

Information contained in text messages, emails, or other communications between you and us, including appointment requests and feedback. Usage data collected automatically when you visit our Site, such as IP address, browser type, device identifiers, pages visited, and the date and time of each request. We limit our collection to the information necessary to provide our services and to comply with legal requirements.

How We Collect Personal Information

We collect personal information in the following ways: Directly from you when you reach out to us via text, schedule appointments with reminders and verbal confirmation. Automatically through cookies and similar technologies when you navigate our Site. These technologies help us understand how you use the Site and improve your experience. From third parties, such as insurance providers and health care professionals, when necessary to coordinate care.

How We Use Personal Information

We use the personal information we collect for the following purposes: To schedule and manage counseling appointments and provide counseling services. To respond to your inquiries, including via SMS, email, or phone, and to provide you with information related to our programs and services. To send appointment reminders, updates, and administrative messages. To maintain records, comply with legal obligations, and enforce our agreements. To improve our services, understand how clients use our Site, and enhance user experience. We will not use your personal information for marketing purposes without your express consent.

 

SMS Communications and Consent

If you consent to receive informational and conversational SMS from Safe Harbor Counseling Institute, you agree to receive appointment reminders, program updates, and responses to your inquiries via SMS from us. We will obtain your express consent before sending you SMS messages, and we will log your consent.

Standard messaging disclosures apply:

Reply STOP to opt-out;

Reply HELP for support;

Message & data rates may apply;

Messaging frequency may vary.

No mobile opt‑in or text message consent will be shared with third parties or affiliates.

How We Share Personal Information

We may share personal information with the following categories of recipients: Authorized service providers who assist us in delivering our services, such as telecommunication providers that facilitate SMS messaging, information technology vendors, and billing services. These providers are contractually required to safeguard your information and use it only as directed by us. Healthcare professionals involved in your care, if necessary to coordinate or manage services. Regulators, government agencies, courts, or other third parties when required by law or to protect our rights, property, or safety.

We do not sell or rent your personal information. No mobile opt-in or text message consent will be shared with third parties or affiliates.

Cookies and Tracking Technologies

Our Site uses cookies and similar technologies to collect usage data and improve your experience. Cookies are small text files stored on your device. You can adjust your browser settings to refuse cookies or alert you when a cookie is being sent; however, some parts of our Site may not function properly without cookies.

Data Security and Retention

We employ administrative, technical, and physical safeguards to protect personal information against unauthorized access, disclosure, alteration, or destruction. Although we strive to protect your information, no method of transmission over the Internet or electronic storage is completely secure.

HIPAA Notice of Privacy Practices (Summary)

This section is a summary of how we may use and disclose medical information about you and how you can access that information. To the extent we are a “covered entity” or “business associate” under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), we will use

 

and disclose Protected Health Information (“PHI”) only as permitted or required by HIPAA and applicable state law.

a. Uses and disclosures of PHI. We may use and disclose PHI for the following purposes, consistent with HIPAA:

Treatment: to provide, coordinate, or manage your mental health care and related services.

Payment: to obtain payment for services (for example, billing and collection activities), as applicable.

Health care operations: to support our internal operations (for example, quality assessment, training, and administrative activities), as permitted by HIPAA.

As required by law and for public health and safety purposes, where HIPAA permits.

With your authorization: for uses and disclosures not otherwise permitted by HIPAA, we will obtain your written authorization, and you may revoke it as allowed by law.

b. Special protections—Substance Use Disorder (SUD) records (2026). SUD-related records may be subject to heightened confidentiality protections under federal law (including 42 C.F.R. Part 2) and applicable updates effective in 2026. When these heightened protections apply, we will not use or disclose SUD records except as permitted by those laws (which generally require your specific authorization or another lawful basis). We will apply the stricter rule when HIPAA and SUD confidentiality requirements differ.

c. Special protections—reproductive health information (2026). Consistent with HIPAA’s enhanced reproductive health privacy protections effective in 2026, we will not use or disclose reproductive health information for prohibited purposes (including certain law-enforcement or investigative purposes) and will follow applicable attestation and documentation requirements when required by law.

d. Your HIPAA rights (examples). Depending on the circumstances, you may have rights under HIPAA, including the right to:

request restrictions on certain uses and disclosures (we are not required to agree in all cases);

request confidential communications (for example, contacting you at a different number or address);

inspect and obtain a copy of your PHI (with limited exceptions);

request an amendment to your PHI;

receive an accounting of certain disclosures; and

receive a paper copy of this notice upon request. To exercise HIPAA-related rights, please contact us using the information in the “Contact Us” section below.

California Consumer Privacy Act (CCPA) / CPRA (California Residents) This section applies to California residents and describes rights and disclosures under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”).

a. Sensitive Personal Information. “Sensitive Personal Information” may include (as

 

defined by California law) information such as: Social Security number; driver’s license/state ID/passport number; account log-in credentials; precise geolocation; racial or ethnic origin; religious or philosophical beliefs; union membership; the contents of certain communications; genetic data; biometric information; health information; and personal information collected from a known child or minor under 16 years of age.

b. Your CCPA/CPRA rights. Subject to certain exceptions, California residents may have the following rights:

Right to Know (Access): to request the categories and specific pieces of personal information we have collected about you, including personal information collected on or after January 1, 2022, as well as information about our sources, purposes, and disclosures.

Right to Delete: to request deletion of personal information we collected from you, subject to legal exceptions.

Right to Correct: to request correction of inaccurate personal information we maintain about you.

Right to Limit Use and Disclosure of Sensitive Personal Information: to request that we limit our use and disclosure of Sensitive Personal Information to purposes permitted by the CCPA/CPRA (for example, to provide requested services and for certain security, legal, and operational purposes).

c. No sale or sharing. Safe Harbor Counseling Institute does not “sell” personal information or “share” personal information for cross-context behavioral advertising, as those terms are defined under California law.

d. Retention of Personal Information. We retain personal information (including Sensitive Personal Information and, where applicable, PHI) only for as long as reasonably necessary and proportionate to fulfill the purposes for which it was collected, including to provide services, maintain appropriate records, meet clinical obligations, comply with legal and regulatory requirements, resolve disputes, enforce agreements, and for other legitimate business purposes. Retention periods may vary depending on the type of information and applicable legal requirements.

e. Non-discrimination. We will not unlawfully discriminate against you for exercising your CCPA/CPRA rights.

f. How to submit a request. To submit a CCPA/CPRA request, contact us using the information in the “Contact Us” section below. We may need to verify your identity before fulfilling your request.

California Medical Information Act (CMIA)

To the extent the California Confidentiality of Medical Information Act (“CMIA”) applies, we will maintain, use, and disclose medical information in compliance with CMIA, which may provide protections that are stricter than federal law in certain circumstances. Where CMIA provides greater privacy protections than HIPAA or other laws, we will follow CMIA to the extent applicable.

Consent; No Dark Patterns

 

When we describe consent or choices (including SMS consent and any optional disclosures), we will present those options in a clear and straightforward way. We do not use “dark patterns” (as defined under applicable law) to obtain consent or to impair or subvert user choice.

Automated Decision-Making Technology (ADMT)

We may use standard software tools for administrative, operational, scheduling, and communication purposes. However, we do not use automated decision-making technology or artificial intelligence to make clinical diagnoses or treatment decisions without meaningful human involvement and appropriate professional judgment.

Your Choices and Rights

Depending on your location, you may have the right to access, correct, or delete personal information we maintain about you, or to request that we limit or stop processing your information. You may also opt out of receiving SMS messages by replying STOP to any text message or by contacting us directly.

Children’s Privacy

Our services are intended for individuals who are at least 18 years old. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can remove the information.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or for other reasons. When we update the Policy, we will revise the \”Effective date\” at the top. We encourage you to review this Policy regularly to stay informed about our privacy practices.

SMS Text Messaging Terms of Service

These terms of service govern your consent to receive text messages (SMS) from Safe Harbor CCI. By opting in to receive messages, you agree to these terms. SMS messaging is an optional service designed to enhance our communications with you about your care and services.

1.1 Obtaining Consent. You must provide your express consent before we send any SMS messages to your mobile number. Consent may be provided through a web form, paper form, email, in person, or by messaging us directly. Your consent will be logged, and we will maintain records of your opt‑in.

1.2 Types of Messages. We will only send messages that align with your selected preferences. Messages may include appointment reminders, scheduling changes, program updates, educational information, or responses to your inquiries. We do not send promotional or marketing SMS messages unless you expressly opt in. Our use of SMS complies with RingCentral’s Enhanced Business SMS guidelines.

1.3 Message Frequency. The number of messages we send will vary depending on your engagement with our services. Message frequency may vary.

1.4 Charges and Carriers. Message and data rates may apply depending on your mobile plan and carrier. We are not responsible for any charges assessed by your carrier.

2.1 Opt‑In. You may opt in to receive SMS messages by checking the appropriate box on our contact forms, sending us a text message requesting information, signing a form, or giving verbal consent. Consent checkboxes on web forms are optional and unchecked by default.

2.2 Opt‑Out. You may withdraw your consent at any time by replying STOP to any SMS message. After you send STOP, we may send a confirmation message and will no longer send SMS messages unless you opt back in. You may also request help or support by replying HELP.

3.1 Data Collection. We collect your phone number and any information you provide via SMS for the purpose of communicating with you. 3.2 Use of Information. We use your phone number and message content solely to deliver the services you request. We do not sell, rent, or share your mobile opt‑in information or personal data with third parties or affiliates. 3.3 Privacy Policy. For more information about how we handle personal information, please review the preceding sections of this Privacy Policy.

4.1 Age. SMS services are intended for individuals in the United States who are at least 18 years old. Minors should not use these services without a parent or guardian’s consent.

4.2 Emergency and Medical Matters. SMS MESSAGES ARE NOT A SUBSTITUTE FOR PROFESSIONAL MEDICAL ADVICE OR EMERGENCY SERVICES. Do not rely on SMS for urgent or crisis situations. If you are experiencing an emergency, call 911 or seek immediate assistance.

5.1 No Warranty. SMS messaging services are provided on an “as‑is” basis. We make no warranties regarding the reliability or timeliness of the information sent via SMS. 5.2 Limitation of Liability. Safe Harbor CCI and its agents are not liable for any damages arising from or related to your use of SMS services, including delays or non-delivery of messages.

If you have questions or concerns about these terms or our SMS services, please contact us at:

Safe Harbor CCI

Address: 13149 3rd Street, Chino, CA 91710

Phone: (909) 313-2184

Web: safeharborcci.org

Email: contact@safeharborcci.org