Privacy Policy
Website Privacy Policy
Effective Date: December 1, 2025
This Website Privacy Policy (“Policy”) describes how Graceful Care Primary Services, LLC (“we,” “us,” or “our”) collects, uses, discloses, and protects information when you use our online services that link to this Policy, including our website www.gracefulcareprimary.com, and any related online tools or forms (collectively, the “Online Services”).
This Policy applies only to information collected through our Online Services. It does not apply to information collected in our clinic, over the phone, or through other offline interactions, which may be governed by other policies and by our HIPAA Notice of Privacy Practices.
Our Online Services are intended for use in the United States. By using the Online Services, you consent to the collection, use, disclosure, and storage of information as described in this Policy.
1. Relationship to Health Privacy (HIPAA)
Some of the information we maintain is Protected Health Information (PHI) and is governed by the Health Insurance Portability and Accountability Act (HIPAA).
- This Website Privacy Policy primarily addresses website and online usage data.
- For information about how we use and protect your health information, please refer to our HIPAA Notice of Privacy Practices, which is available on this site and in our office.
If there is any conflict between this Policy and our HIPAA Notice of Privacy Practices with respect to PHI, the HIPAA Notice of Privacy Practices will control.
2. When This Policy Applies
This Policy applies to:
- Online Services we own or operate that link to this Privacy Policy.
This Policy does not apply to:
- Third-party websites, patient portals, mobile apps, or services that do not link to this Policy
- Information collected offline (such as during office visits), which may be covered by other policies or HIPAA
- Third-party social media sites, even if we maintain an official page or profile there
Links or integrations on our Online Services do not mean we endorse or control the privacy practices of those third parties.
3. Information We Collect
We may collect information in the following ways:
A. Information You Provide Directly
Examples include:
- Name, email address, phone number, and other contact details
- General reasons for your inquiry or appointment request
- Information you type into contact forms, request forms, or secure messaging tools
- Feedback, survey responses, or messages you send us
We ask that you do not include highly sensitive medical details in general contact forms. PHI should be shared only through approved, secure channels.
B. Information We Receive from Other Sources
Where applicable, we may pre-populate or display information that originates from:
- Our internal records and practice management systems
- Health records or data you provided in person or by paper
- Integrated tools (e.g., patient portals) you access through our Online Services
C. Information Collected Automatically (Cookies, Logs, and Similar Technologies)
When you use our Online Services, we may automatically collect:
- IP address and general location (e.g., city, state)
- Device and browser type
- Dates, times, and pages viewed
- Referring URLs and clickstream data
- Activity and usage patterns on our website
We may use cookies, pixels, web beacons, scripts, and similar technologies to:
- Recognize your browser or device
- Remember your preferences
- Analyze how the site is used
- Improve performance and user experience
You can adjust your browser settings to block or delete cookies, but some features of the site may not function properly if you do.
Do Not Track: Our Online Services do not currently respond to “Do Not Track” signals from web browsers, because there is no common industry standard for handling such signals.
D. Mobile / Location Data (If Applicable)
If we offer mobile or location-based features and you enable them, we may collect:
- General or precise location information (e.g., to show nearby locations or driving directions)
You can disable location access through your device settings, but some features may not work without it.
E. Social Security Numbers (If Collected)
If we collect Social Security Numbers (for example, for billing or insurance purposes), we treat them as highly sensitive information and protect them through administrative, technical, and physical safeguards designed to prevent unauthorized access and disclosure.
4. How We Use Information
We may use the information we collect for purposes such as:
- Responding to your inquiries, messages, or appointment requests
- Providing and managing the Online Services and related features
- Authenticating users and helping secure your account or session
- Personalizing your experience on the site
- Sending general practice updates, newsletters, or promotional communications if you opt in
- Providing information about our services, events, or wellness programs
- Conducting analytics, quality improvement, and usage reporting
- Maintaining internal records and documentation
- Complying with legal and regulatory obligations
- Protecting the safety, rights, property, or security of our patients, staff, systems, and community
- Supporting business operations, such as audits, security, and incident response
We may combine information collected online with information we have from other sources, where permitted by law, to improve our services and communications.
Marketing and PHI: We do not use your PHI for marketing purposes without your explicit written authorization, as required by HIPAA.
5. How We Share Information
We do not sell your personal information. We may share information as follows:
A. Service Providers and Vendors
We may share information with trusted third parties who help us:
- Host or maintain our website and systems
- Provide analytics, security, or IT services
- Send emails, messages, or appointment reminders
- Process forms or other submissions
These service providers are permitted to use the information only to perform services on our behalf and are expected to protect it appropriately. Where PHI is involved, we require a Business Associate Agreement (BAA) as required by HIPAA.
B. Affiliates and Professional Advisors
We may share information with related entities (if any) or professional advisors (such as auditors, attorneys, or consultants) for operational, compliance, or legal purposes.
C. Legal, Safety, and Compliance
We may disclose information:
- When required by law, regulation, subpoena, or court order
- To law enforcement or regulators as permitted or required
- To protect the rights, property, or safety of our patients, staff, or others
- To investigate or respond to suspected fraud, security incidents, or violations of law
D. Business Transfers
If we are involved in a merger, acquisition, reorganization, or sale of some or all of our practice, information we hold may be transferred as part of that transaction where permitted by law.
E. De-Identified and Aggregated Data
We may use and share data that has been de-identified or aggregated so that it does not reasonably identify you. We may use such data for analytics, research, and other lawful purposes.
6. Cookies, Analytics, and Tracking
We may use first-party and third-party cookies and analytics tools (such as Google Analytics) to:
- Understand how visitors use our Online Services
- Improve site performance and content
- Measure engagement and traffic
You can learn more about managing cookies and targeted advertising through tools such as your browser settings and online opt-out mechanisms provided by certain ad networks or analytics services. Please note that opting out of targeted advertising does not mean you will no longer see ads; it means those ads may no longer be tailored to you based on your browsing behavior.
7. Communications and Preference Management
We may contact you using the contact information you provide through the Online Services:
- To respond to your inquiries
- To send appointment reminders or practice updates
- To send newsletters, service announcements, or general health information (if you opt in)
You can opt out of promotional emails by following the unsubscribe instructions in the email or by contacting us. Some communications (such as appointment reminders, account notices, or legal notices) may be necessary and not subject to opt-out.
Email & SMS Risk: Some electronic communications may not be encrypted. By providing your email or phone number and requesting electronic communication, you acknowledge that there is some risk of unauthorized access or disclosure.
8. Data Retention
We retain information for as long as necessary to:
- Fulfill the purposes described in this Policy
- Provide services to you
- Comply with legal, regulatory, and record-keeping obligations
- Resolve disputes and enforce our policies
PHI retention is governed by applicable medical record and HIPAA requirements.
9. Protecting Your Information
We use administrative, technical, and physical safeguards designed to protect the information we collect through our Online Services. These measures vary based on the sensitivity of the information.
However, no website, app, or transmission over the internet is 100% secure. We cannot guarantee absolute security.
Your responsibilities:
- Use strong, unique passwords where applicable
- Log out of any patient portal or online account when finished
- Protect the devices you use to access our Online Services
We are not responsible for unauthorized access that occurs because you failed to secure your devices or login credentials.
10. Children’s Privacy
Our Online Services are not directed to children under 13, and we do not knowingly collect personal information online from children under 13 without parental consent.
If you believe we have collected such information from a child under 13, please contact us so we can investigate and take appropriate action.
11. State-Specific Privacy Rights
Depending on where you live (for example, if you are a resident of certain U.S. states such as California), you may have additional rights regarding your personal information, such as the right to:
- Request access to certain personal information we hold about you
- Request deletion of certain personal information
- Request information about how we share certain categories of personal information
To exercise these rights, please contact us using the information in the Contact Us section. We may need to verify your identity before fulfilling your request, and certain information may be exempt from such requests as required or permitted by law.
12. Social Media and External Sites
We may maintain pages or profiles on social media platforms (e.g., Facebook, Instagram). Content posted on such platforms:
- Is subject to the platform’s own privacy policies
- Should not include your personal medical details or sensitive information
Information shared on social media should never be used as a substitute for medical advice. Always contact us directly or consult a healthcare professional for personal medical concerns.
13. Changes to This Privacy Policy
We may update this Policy from time to time. When we do, we will revise the “Effective Date” at the top of the Policy. Material changes may also be communicated through additional notices (e.g., a notice on our website).
Your continued use of the Online Services after changes are posted constitutes your acceptance of the updated Policy.
14. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact:
Graceful Care Primary Services, LLC
7495 McLaughlin Road, Suite 205, Falcon, Colorado
info@gracefulcareprimary.com, (719) 398-8222
For information about how we protect, use, and disclose your health information (PHI) and your related rights, please review our HIPAA Notice of Privacy Practices.