Privacy Policy

Effective Date: June 1, 2025

1. Introduction

We respect your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you visit our website and interact with us. It applies to users in Texas, Colorado, and elsewhere. By using this website, you consent to the practices described in this policy.

2. Who We Are

  • Lauren McKay, LPC, PLLC ("we," "us," "our")

  • Licensed in Texas and Colorado

  • Regulated by Texas Behavioral Health Executive Council and Colorado Department of Regulatory Agencies (DORA)

  • We act as the Data Controller for personal information we collect.

3. Data We Collect & How

We may collect the following information:

  • Personal Identifiers: name, email address, phone number, mailing address.

  • Health Information: voluntarily provided through appointment requests or inquiries.

  • Usage Data: IP address, device information, browser type, operating system.

  • Payment Information: processed securely via third-party service providers (see below).

We collect data via:

  • Contact and appointment request forms

  • Email communications

  • Analytics tools

  • Secure online payment processing

Note: Any sensitive health information you provide through this website or subsequent services is protected in compliance with applicable privacy laws, including HIPAA where applicable.

4. Purpose & Legal Basis

We use your data to:

  • Respond to inquiries and manage appointments

  • Process payments securely

  • Provide requested services

  • Improve website functionality and user experience

  • Comply with applicable legal, regulatory, and professional obligations

Under Colorado CPA and Texas TDPSA, we:

  • Limit collection to what is necessary for legitimate purposes

  • Conduct data protection assessments for certain sensitive processing activities

5. Your Rights Under State Law

Texas TDPSA (Effective July 1, 2024)

You have the right to:

  • Know what personal data we collect and how it is used

  • Access, correct, or delete your personal information

  • Opt out of the sale of personal or sensitive data (see note below)

  • Opt out of targeted advertising (see note below)

  • Receive responses to requests within 45 days, with possible extension

NOTE: We do not sell your personal information, nor do we use your data for targeted advertising.

Colorado CPA (Effective July 1, 2023)

You have the right to:

  • Access, correct, delete, or receive a copy (data portability) of your personal information

  • Opt out of sale, profiling, or targeted advertising (see note below)

  • Clear and accessible privacy notice

NOTE: We do not sell your personal information, nor do we use your data for targeted advertising or profiling.

All Users

  • You may withdraw consent at any time.

  • You may file complaints with relevant state agencies if you believe your data rights have been violated.

6. How to Exercise Your Rights

To submit a request related to your personal data, please contact us at:

We will respond to your request within 45 days. We reserve the right to charge a reasonable fee for repetitive or excessive requests.

7. Data Sharing & Third Parties

We may share your data with:

  • Service Providers: including but not limited to secure appointment scheduling platforms, electronic health record providers, and payment processors (e.g., Stripe).

  • Third-Party Payment Processor:

    Payments made through this website are processed by Stripe, a secure third-party payment processor. We do not directly store or process your financial information.

  • Legal Obligations: where disclosure is required by law, regulation, or legal process.

  • With your explicit consent in any other instance.

We do not sell your personal information to third parties.

8. Cookies & Tracking

Our website may use:

  • Functional Cookies: to operate the website and ensure basic functionality.

  • Analytics Cookies: such as Google Analytics, to collect aggregated website usage data.

  • Marketing Cookies: are not used without your explicit consent.

For Colorado residents, we honor recognized universal opt-out mechanisms (e.g., Global Privacy Control browser signals).

9. Security Measures

We maintain appropriate security measures to safeguard your personal data, including:

  • Technical, administrative, and physical security safeguards

  • Access control and encryption where applicable

  • HIPAA-compliant practices for any protected health information (PHI)

However, no method of transmission over the Internet or electronic storage is 100% secure.

10. Children's Privacy

We do not knowingly collect personal information from children under 13 years of age. If we learn that we have inadvertently collected such information, we will promptly delete it. We comply with the Children's Online Privacy Protection Act (COPPA).

11. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required for legal, contractual, or regulatory obligations, including healthcare records retention under applicable state law.

12. Links to Other Sites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of such external sites.

13. Updates to this Policy

We may update this Privacy Policy periodically to reflect changes in laws, regulations, or our practices. Any changes will be posted on this page with a revised effective date.

If you have any questions, concerns, or requests

regarding this Privacy Policy, please contact:

Lauren McKay, M.A., LPC

Email: lauren@laurenmckaylpc.com

Phone: 512-650-9055