212-787-5555
165 West End Avenue, New York, NY 10023
Umów wizytę

Privacy Policy

1. Introduction

 

This Privacy Policy outlines how your personal data is collected, used, protected, and shared when you visit or interact with the website of Dr. Grace P. Conroy, PhD. As a healthcare provider, Dr. Conroy strictly adheres to the Health Insurance Portability and Accountability Act (HIPAA) and complies with relevant data privacy laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

By using this website or submitting information via the contact form, you agree to the terms of this Privacy Policy.

2. Definitions

 

Website – The site located at https://graceconroy.com, including all subdomains, forms, and integrated tools.

Provider / Practice / We / Us – Refers to Dr. Grace P. Conroy, PhD and authorized representatives of the practice.

Personal Data – Any information that identifies or could reasonably identify a person, such as name, email address, phone number, or IP address.

Protected Health Information (PHI) – Any health information that can be linked to an individual and is used, disclosed, or transmitted in the course of providing healthcare services, as defined by HIPAA.

Cookies – Small data files stored on your browser or device that help websites remember user behavior or preferences.

Google Analytics – A web-based service from Google that collects and reports website traffic and user behavior data.

Processing – Any action taken with personal data, including collecting, storing, using, or deleting it.

GDPR – The General Data Protection Regulation, which governs data rights and protections for individuals in the European Union.

CCPA – The California Consumer Privacy Act, which provides privacy rights to California residents.

3. Information We Collect

 

When you use our website or contact us, we may collect the following:

  • Name
  • Email address
  • Phone number
  • Content of your inquiry
  • IP address and browser/device information (via analytics tools)

If you provide health-related information, it may be considered PHI and handled under strict HIPAA protections.

4. How We Use Your Information

 

We may use your personal data to:

  • Respond to inquiries and appointment requests
  • Improve website functionality and user experience
  • Monitor site traffic and performance
  • Comply with legal obligations
  • Protect against fraud or unauthorized access

PHI will only be used for treatment, payment, or healthcare operations in accordance with HIPAA regulations.

5. HIPAA Compliance

 

Dr. Grace P. Conroy, PhD is a covered entity under HIPAA. We take the confidentiality of your Protected Health Information (PHI) seriously and protect it through administrative, technical, and physical safeguards. We do not disclose PHI without your written consent unless permitted or required by law.

For more information on your HIPAA rights, visit: https://www.hhs.gov/hipaa/for-individuals/index.html

6. Google Analytics

 

This website uses Google Analytics to collect anonymous usage data. This may include:

  • IP address
  • Browser type and version
  • Operating system
  • Referral URL
  • Time spent on pages

Google’s privacy policy: https://policies.google.com/technologies/partner-sites

To opt out: https://tools.google.com/dlpage/gaoptout

7. Cookies and Tracking

 

Cookies help us understand website performance and enhance user experience. You can control or delete cookies in your browser settings. Disabling cookies may limit functionality.

8. Information Sharing & Third-Party Disclosure

 

We do not sell or rent your personal data. We may share your information with:

  • IT service providers who help maintain this website
  • Analytics platforms (e.g., Google Analytics)
  • Legal authorities if required by law

All service providers are contractually required to maintain confidentiality and comply with applicable privacy laws, including HIPAA when PHI is involved.

9. Your Rights Under GDPR and CCPA

 

Under GDPR (EU residents):

  • Right to access and correct your personal data
  • Right to withdraw consent at any time
  • Right to object to data processing
  • Right to data portability
  • Right to request erasure of your data

Under CCPA (California residents):

  • Right to know what personal data is collected and how it is used
  • Right to request deletion of your data
  • Right to opt-out of data sales (we do not sell data)
  • Right to non-discriminatory treatment

To exercise any of these rights, email us at [email protected]

10. You Have the Right to Delete or Request That We Assist in Deleting the Personal Data That We Have Collected About You

 

You may request deletion of your personal data at any time. Please note:

  • We may be required to retain certain information under HIPAA or state law for medical records retention.
  • We will confirm your identity before fulfilling any deletion request.

Contact us at [email protected] for assistance.

11. Links to Other Websites

 

Our website may contain links to external sites for your convenience. We are not responsible for the privacy policies or content of third-party websites. We recommend reviewing their privacy terms before providing any personal data.

12. Children’s Privacy

 

This website is not intended for individuals under 13 years of age. We do not knowingly collect information from children. If we become aware that data has been submitted by a child, we will delete it promptly.

13. Data Security

 

We employ industry-standard security protocols, including SSL encryption, secure hosting, and limited access controls to protect your information. However, no online transmission is completely secure. Use is at your own risk.

14. Updates to This Privacy Policy

 

We reserve the right to modify this policy. Any changes will be posted on this page with a new effective date. Continued use of the website constitutes acceptance of any updates.

Effective date: 6/16/2025