Privacy Policies
This Privacy Policy explains how we collect, use, share, and protect information when you use our website or contact us through it. It also explains important confidentiality limits that may apply if you become a client.
1) Website privacy vs. clinical privacy (important distinction)
• Website interactions (visiting pages, submitting a contact form) are governed by this Privacy Policy.
• Therapy services are governed by a separate Notice of Privacy Practices (NPP) and informed consent documents provided when you become a client, consistent with professional ethics and applicable health privacy laws (including HIPAA when applicable).
• Please do not submit sensitive clinical details (e.g., trauma history, diagnoses, substance use specifics) through website forms or standard email.
2) Information we collect
A. Information you choose to provide
When you use our forms, email, phone, or portal links, we may collect:
• Name, email, phone number
• Preferred contact method and availability
• General reason for inquiry (high-level)
• Location information you provide (especially relevant for telehealth requests)
B. Information collected automatically
Like most websites, we may collect:
• IP address, device/browser type, pages viewed, time on site, approximate location (city/state)
• Cookies or similar technologies for functionality and analytics (see Section 6)
3) How we use information
We use information to:
• Respond to inquiries and determine service fit/availability
• Provide requested information about services, scheduling, or billing
We aim to minimize data collection and handle information in a manner consistent with social work ethics around privacy, confidentiality, and transparency.
4) How we share information
We do not sell your personal information.
We may share information only as needed with:
A. Service providers (“vendors”)
We may use vendors to operate the website and practice systems, such as:
• Secure practice management/client portal (e.g., TherapyAppointment)
• Payment processing (e.g., Finix)
Vendors (TherapyAppointment, Finix) may process limited information on our behalf to provide their services. We choose vendors with privacy/security safeguards appropriate for healthcare and professional services.
B. With your authorization (clients and non-clients)
If you become a client, we generally share information only with your written authorization, except as permitted/required by law and described in your clinical paperwork, consistent with ethical standards.
C. As required or permitted by law (Arkansas & Oklahoma)
If you become a client (or if your message gives us sufficient information to trigger a legal obligation), confidentiality may have legal limits. Examples include:
Arkansas
• Child maltreatment reporting: Mandated reporters must immediately notify the Child Abuse Hotline with reasonable cause to suspect child maltreatment.
• Adult/long-term care maltreatment reporting: Required reports for maltreated adults/long-term care residents under Arkansas law.
• Duty to warn/protect: Arkansas law describes steps that can discharge a mental health provider’s duty when a patient threatens harm.
Oklahoma
• Child abuse/neglect reporting: Oklahoma requires reporting immediately when there is reason to believe a child is a victim of abuse/neglect.
• Vulnerable adult abuse/neglect/exploitation: Oklahoma requires reporting when there is reasonable cause to believe a vulnerable adult is being harmed.
• Mental health record confidentiality: Oklahoma law restricts disclosure of mental health information and requires disclosures to be limited to the minimum necessary in many circumstances.
We disclose only what is reasonably necessary and consistent with applicable law and professional ethics.
5) Telehealth privacy (Arkansas & Oklahoma)
If you request or receive telehealth:
• You may be asked to confirm your current physical location for safety and jurisdictional compliance.
• We will discuss technology risks/benefits and confidentiality protections as part of informed consent, consistent with NASW technology standards.
6) Cookies and analytics
We may use cookies and similar tools to:
• Keep the site functioning properly
• Understand website traffic and improve content
You can control cookies through your browser settings. Some site features may not function properly if cookies are disabled.
7) Security
We use reasonable administrative, technical, and physical safeguards to protect information. However, no website or email system can be guaranteed 100% secure. For this reason, please avoid sending highly sensitive information through website forms or standard email. NASW technology standards emphasize maintaining confidentiality policies and procedures consistent with law and ethical standards.
8) Data retention
We retain website inquiry information only as long as needed for administrative purposes, to respond to you, and to meet legal/ethical obligations. If you become a client, clinical records are retained according to applicable laws and professional standards (details are provided in your clinical paperwork).
9) Children’s privacy
This website is not directed to children under 18. If you believe a child has submitted information through this website, contact us and we will take appropriate steps to delete it where feasible.
10) Special protections for mental health and SUD information (if applicable)
If you become a client, mental health information receives heightened privacy protections under HIPAA in certain contexts, and “psychotherapy notes” have special protections.
If you provide substance use disorder (SUD) services, certain SUD treatment records may be protected by 42 CFR Part 2, which can impose stricter limits on disclosure in some circumstances.
11) Your choices
You may:
• Ask what information we have received from you via website inquiry
• Request corrections to obvious contact-info errors
• Request we delete an inquiry message where feasible (note: we may retain minimal documentation if required for legal/safety reasons)
We may update this Privacy Policy from time to time. Updates will be posted here with a revised Effective Date.
Privacy Policy effective date: February 1, 2026.
Contact:
Embodied Renewal Counseling
Krista Boncheff, LCSW, ADC
3740 Rogers Ave.
Fort Smith, AR 72903
479-262-0342