833-836-2290

Privacy Policy

Last Updated: 12/24/2025

MindVibe (“MindVibe”) or (“us”) provides a platform for individuals to learn about depression and anxiety, understand treatment options, and connect with a Healthcare Provider for clinical care if desired. This Privacy Policy explains our information practices, the kinds of information we collect, how we use and share that information, and your options regarding sharing your information.

Scope

This Privacy Policy covers personal information we handle during business operations, including our website (“Site”) and other online or
offline offers (“Services”). Any individually identifiable information that is provided to us for purposes of rendering clinical services (also referred to as “Protected Health Information” or “PHI”) is subject to MindVibe’s Notice of Privacy Practices. The Notice of Privacy Practices describes how MindVibe can use and share your PHI and describes your rights with respect to this information. The Notice of Privacy Practices (rather than this Privacy Policy) shall govern our privacy practices with regard to your protected health information. Suppose there are any discrepancies between laws that underlie this Privacy Policy and the Notice of Privacy Practices. In that case, MindVibe will comply with the request to the fullest extent permitted by all applicable laws.

Personal Information We Collect 

  1. Account Creation: When you create a user account, we collect your name, email, and password. This information is considered PHI and is governed by applicable state and federal laws, including HIPAA. We won’t share or use this information for marketing, advertising, or other use-based data mining reasons unless HIPAA and/or other laws allow us to. We will never sell PHI or any other information that could be used to find out who someone is.

  2. Communications with Us: We may collect personal information from you, such as your email address, phone number, or mailing address, when you request information about our Services, register for our newsletter, request customer or technical support, or otherwise communicate with us.

Automatically Collected Information 

  1. Automatic Data Collection: We may collect certain information automatically when you use the Site or Services, such as your IP address, user settings, device information, location information, and information about your use of the Site or Services.

  2. Cookies, Pixel Tags/Web Beacons, Analytics, and Interest-Based Advertising: We and third parties may use various technologies to automatically collect information for purposes such as operational necessity, performance assessment, functionality, and advertising or targeting.

How We Use Your Information 

We use your information for various purposes, such as managing your accounts, responding to your requests, providing access to our Site and Services, communicating with you, processing payments, and analyzing and improving our Site and Services. We may also use personal information to create de-identified and aggregated information.

Disclosing Your Information to Third Parties

  1. Healthcare Purposes: We may share your information with other covered entities involved in your treatment, payment, and/or healthcare operations.

  2. Business Associates: We may provide personal information or PHI to business associates we contract to help facilitate healthcare operations or jointly offer products or services. c. Advertising Partners: We may allow third-party advertising partners to collect information to improve advertising on our Site.

  3. Disclosures to Protect You, Us, or Others: We may disclose information as required by law to protect your, our, or others’ rights, property, or safety or to assist with an investigation or prosecution.

  4. Disclosure in the Event of Merger, Sale, or Other Asset Transfers: If we are involved in certain corporate transactions, your information may be transferred as part of such a transaction.

  5. International Data Transfers: Your information may be transferred, processed, and stored worldwide, including in countries with different data protection laws than where you live.

Update Privacy Policy With Specific Third-Party Categories

Recommendation:

  • List Third-Party Categories: You should clearly list all third-party categories, particularly those involved in advertising, analytics, and service improvement.
  • Specific Third-Party Providers: Identify the names of third-party providers where possible (e.g., Google Analytics, Facebook Ads), and detail their role in processing data.

     

Example Update to Privacy Policy:

“Mindvibe shares user information with third-party partners in the following categories:

  • Advertising Networks: Companies that serve advertisements to users based on their interests and behaviour across different websites.
  • Analytics Providers: Partners who help us track and analyse site usage and performance.
  • Service Improvement: Third-party providers that assist in improving and enhancing our platform by gathering feedback and usage data.
     A complete list of our third-party partners can be found on our website, and you can opt out of certain data-sharing practices through your account settings or by following the opt-out mechanisms detailed below.”

Identify Sensitive Data Uses (Analytics, Service Improvement)

Recommendation:

  • Identify Sensitive Data: Make sure to highlight what types of sensitive data might be used for analytics and service improvement. This could include personal health information, medical conditions, or even behavioural data related to mental health treatment.
  • Explain Data Uses: Explain how this sensitive data is being used and for what purposes, with specific reference to improving user experience, service effectiveness, or technical functionality.

     

Example Update to Privacy Policy:

“Certain sensitive data, such as health information, usage patterns, and interaction with mental health services, may be collected for analytics and service improvement purposes. This data helps us optimise your experience on the platform and improve the quality of our services. Any use of sensitive data will be handled in accordance with applicable privacy laws and with your consent.”

Review Ad Partner Contracts

Recommendation:

  • Ensure Full Disclosure: If Mindvibe uses ad partners or third-party advertising technologies (e.g., Google Ads, Facebook Ads, etc.), the policy should explicitly disclose the use of these partners and the kind of data that may be shared with them for targeted advertising purposes.
  • Contracts and Agreements: Review your ad tech contracts to ensure that they comply with data protection laws (such as GDPR, CCPA). These contracts should stipulate how user data will be collected, used, and shared, and they should require your ad partners to comply with applicable privacy laws.
  • Data Sharing Terms: Clearly outline whether personal or anonymised user data is shared with third parties for ad targeting, and if any specific categories of data (e.g., browsing behaviour, device information) are involved.

     

Example Addition to Privacy Policy:

“Mindvibe works with third-party advertising partners to display personalised advertisements on the platform. These partners may collect data about your usage of the site, including browsing behaviour, device information, and other online activities. Please note that this information is shared with our ad partners solely for advertising purposes. You may choose to limit or opt out of ad tracking through your device settings or by following the opt-out instructions provided by the third-party ad partners.”

Explicitly State If Ad Tech Usage Constitutes "Sharing"

Recommendation:

  • Clarify Data Sharing: It is essential to be clear whether the use of advertising technologies constitutes “sharing” of data, especially when third-party ad networks are involved.
  • “Sharing” Clarification: In the context of privacy policies, “sharing” typically refers to any transfer or provision of personal data to a third party, whether for advertising, analytics, or other purposes. This should be explicitly noted to avoid confusion.

     

Example Update to Privacy Policy:

“We may share certain information about your use of our services with third-party advertising networks and analytics providers. This sharing may include information such as browsing activity, device identifiers, and user preferences, which are used for delivering relevant ads and improving our services.”

Create Opt-Out Mechanism Separate from Clinical Care

Recommendation:

  • Separate Opt-Out Mechanism: Users should have the ability to opt out of certain data practices, especially those related to advertising or analytics, without impacting their access to clinical care. This ensures that data-sharing preferences do not compromise the core therapeutic experience.
  • Clearly Separate: The opt-out mechanism should be distinct from any actions related to clinical services (e.g., booking therapy sessions or consultations).

     

Example Addition to Privacy Policy:

“You may opt out of the collection of non-essential data, such as that used for advertising and analytics purposes, without affecting your access to clinical services. To manage your preferences, visit the ‘Privacy Settings’ section of your account, where you can adjust your data-sharing preferences. If you opt out of certain non-clinical data uses, your clinical care, including therapy sessions and consultations, will not be impacted.”

Update Privacy Policy to Reflect Opt-Out Right

Recommendation:

  • Clear Opt-Out Right: Clearly state the right of users to opt out of data collection or sharing practices related to advertising and analytics, and provide detailed instructions on how they can exercise this right.
  • Access Control: Users should have control over what data is collected and shared, with a user-friendly mechanism for opting out at any time.

     

Example Update to Privacy Policy:

“You have the right to opt out of certain data collection and sharing practices at any time. To exercise this right, please visit the ‘Privacy Settings’ section in your account dashboard or follow the instructions provided by our third-party partners. Opting out will not affect your ability to access clinical care on Mindvibe, including therapy sessions and consultations. Please note that opting out may affect the personalised advertising and analytics services we provide.”

Final Recommendations:

After making these updates, it is important to:

  • Review the Policy Regularly: Regularly audit your contracts with ad tech partners and third-party vendors to ensure compliance with any new privacy regulations (e.g., CCPA, GDPR).
  • User Notifications: Notify users of updates to the privacy policy via email or platform notification, especially when there are significant changes that could affect their privacy or data usage preferences.

Ad Tech, Data Sharing, and Analytics

Mindvibe may use third-party advertising and analytics partners to improve our services and deliver personalised content. These third parties may collect certain information, such as browsing behaviour, device identifiers, and usage patterns. Data shared with these partners is used solely for improving our services and for advertising purposes.

Third-Party Data Sharing
 We share information with the following third-party categories:

  • Advertising Networks: To deliver personalised ads to you across websites and apps.
  • Analytics Providers: To understand how users interact with the platform and improve user experience.
  • Service Improvement: Data that helps us improve platform features, services, and content.

Opt-Out Mechanism
 You may choose to opt out of non-essential data collection, including advertising and analytics, without affecting your access to clinical services. Visit your Privacy Settings on the platform to manage your preferences and exercise your right to opt out.

Your Choices 

  1. General: You can withdraw consent for the processing of your personal information at any time, but we may still collect and use non-personal information.
  2. Email Communications: You can opt out of promotional emails but will continue receiving certain transactional emails.
  3. Mobile and Other Devices: You can manage the App’s access to your device data, such as health metrics, at any time.
  4. Do Not Track: We do not respond to or honor Do Not Track signals.
  5. Your Privacy Rights: Depending on your location, you may have rights to request information, correction, amendment, or erasure of your personal information.

Texas Residents' Privacy Rights

If you are a resident of Texas, the Texas Data Privacy and Security Act (TDPSA) provides you with specific rights regarding your personal data. This section supplements our general Privacy Policy and applies solely to Texas residents.

1. Your Rights Under TDPSA

As a Texas resident, you have the right to:

  • Confirm whether we are processing your personal data and to access that data.
  • Correct inaccuracies in your personal data, taking into account the nature of the personal data and the purposes of the processing.
  • Delete personal data provided by or obtained about you.
  • Obtain a copy of your personal data that you previously provided to us in a portable and, to the extent technically feasible, readily usable format.
  • Opt-out of the processing of the personal data for purposes of:
      • Targeted advertising;
      • The sale of personal data; or
      • Profiling in furtherance of a decision that produces a legal or similarly significant effect concerning you.

2. Your Rights Under TDPSA

To exercise any of these rights, please submit a request by:

We will respond to your request without undue delay and within 45 days of receipt. We may extend this period by an additional 45 days when reasonably necessary, taking into account the complexity and number of your requests.

3. Appeal Process

If we decline to take action regarding your request, we will inform you of our decision and reasoning. You have the right to appeal our decision by contacting us at privacy@mindvibe.com with the subject line “Privacy Appeal.” Within 60 days of receipt of an appeal, we will inform you in writing of any action taken or not taken in response to the appeal.

4. Universal Opt-Out Mechanisms

We recognize and honor universal opt-out mechanisms, such as the Global Privacy Control (GPC). If your browser sends a GPC signal, we will automatically treat this as a valid request to opt-out of the sale of your personal data and/or the processing of your data for targeted advertising.

5. Sensitive Data

We may process sensitive data, including data revealing a mental or physical health diagnosis. We will not process your sensitive data without your consent, which we obtain when you register for our services or provide such information directly to us. You may withdraw this consent at any time, subject to legal or contractual restrictions and reasonable notice.

California Residents' Privacy Rights

This section applies only to California residents. It describes how we collect, use, and share Personal Information of California residents in operating our business, and their rights with respect to that Personal Information. For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the scope of the CCPA, such as Protected Health Information (PHI) covered by HIPAA.

1. Your California Privacy Rights

As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law.

  • Right to Know: You have the right to request that we disclose what Personal Information we collect, use, disclose, and sell/share.
  • Right to Delete: You have the right to request the deletion of your Personal Information that we collect or maintain, subject to certain exceptions.
  • Right to Correct: You have the right to request that we correct inaccurate Personal Information that we maintain about you.
  • Right to Opt-Out of Sale/Sharing: You have the right to opt-out of the “sale” or “sharing” of your Personal Information.
  • Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of your Sensitive Personal Information to that which is necessary to perform the services or provide the goods reasonably expected by an average consumer.
  • Right to Non-Discrimination: You have the right not to receive discriminatory treatment for the exercise of your privacy rights.

2. “Selling” and “Sharing” of Personal Information

MindVibe does not sell your Personal Information in the traditional sense (i.e., for money). However, we may use third-party advertising partners who use cookies and similar technologies to collect information about your visits to our Site to provide you with relevant advertisements. This may be considered “sharing” or “selling” under the CCPA.

  • Categories of Personal Information Sold/Shared: Identifiers (e.g., IP address, cookie ID), Internet or other electronic network activity information.
  • Categories of Third Parties: Advertising networks, social media platforms, analytics providers.

You may opt-out of this “sharing” by clicking the “Do Not Sell or Share My Personal Information” link in our website footer or by enabling the Global Privacy Control (GPC) signal in your browser.

3. Verification

To protect your privacy, we will take the following steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

4. Authorized Agent

You may designate an authorized agent to make a request on your behalf. To do so, you must provide the agent with written permission to do so and verify your own identity directly with us.

Privacy Preferences

You may manage your privacy preferences at any time, including opting out of the sale or sharing of personal data, targeted advertising, and profiling, by visiting our Privacy Preferences page.
Manage Privacy Preferences

Data Retention 

We store your personal information for as long as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, comply with applicable laws, and for other legitimate business purposes.

Security of Your Information 

We take steps to ensure the security of your information but cannot guarantee absolute protection. Using our Site or Services, you agree to our electronic communications regarding security, privacy, and administrative issues.

Changes to Our Privacy Policy 

We may revise this Privacy Policy occasionally and notify you of any material changes as required by law.

CONTACT US

If you have any questions about our privacy practices or this Privacy Policy or want to exercise your rights under this policy, please contact the Member Support staff at 866-572-0807.

Scroll to Top