Privacy Policy

Schedule A Free Consultation

Thank you for your interest in my Privacy Policy. This Privacy Policy applies to my website, www.progressivetherapist.com operated by me, Eugene Belilovsky, operating agent of The Progressive Therapist, LLC who is acting as the data controller, and the third parties I am using to provide the website (“we”, “us”, “our”).

If you have any questions, please contact me using Eugene@progressivetherapist.com , call +1-914-296-0858 or use my Contact Form.

Background

This Privacy Policy describes our privacy practices in plain language, keeping legal and technical jargon to a minimum, to help make sure you understand the information provided. However, to achieve this objective I would like to explain the following three concepts.

  1. What is Personal Information?

Personal Information is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute Personal Information.

        2. What is Processing?

“Processing” means and covers virtually any handling of data.

       3. What law applies?

I act as the data controller in accordance with the New York Privacy Act (“NYPA”) and the EU’s General Data Protection Regulation (“GDPR”).

General Principles

a) Purpose and legal basis of processing

In accordance with the NYPA and GDPR we need to have both a purpose and a legal basis to process Personal Information. The purposes are:

  • providing the website and its functions and contents
  • responding to contact requests and communicating with my clients and website users
  • providing my services, resources, courses 
  • security measures

Of course, we can only do that if we have at least one of the following legal bases or, in other words, lawful reasons to do so. Unless specifically described below, we typically link the above purposes to one of the following:

  • consent
  • to fulfill my services and carry out contractual obligations
  • to fulfill my legal obligations
  • to protect our legitimate interests.

b) Security

My website uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, login data or contact requests that you send to us. 

I try to make sure that my website has appropriate security measures, however, internet-based data transmissions can always have security gaps, so absolute protection cannot be guaranteed. In this sense, databases or data sets that include Personal Information may be breached inadvertently or through wrongful intrusion.

Upon becoming aware of a data breach, I will plan to notify all affected individuals whose Personal Information may have been compromised as expeditiously as possible after which the breach was discovered.

c) Retention and Storage

I retain your Personal Information as necessary in connection with the purposes described in this Privacy Policy. Your data will be stored on my website and/or my management systems provided by SimplePractice, if you are a client and LearnDash, if you are using my course(s). This data processing is based on our legitimate interest in providing my service.

d) Minors

I do not generally work with minors as clients or request Personal Information from minors and children, unless verifiable parental or legal guardian consent is obtained through direct contact.  I also do not plan on knowingly collecting such data or passing it on to third parties, unless unless verifiable parental or legal guardian consent is obtained through direct contact.

e) Automated decision-making

Automated decision-making including profiling does not take place.

f) Do Not Sell

I do not sell your Personal Information.

g) Special Category Data

Unless it is specifically required and consent is obtained, for a particular service, I do not process special category data.  In terms of working with clients, there are some questions that I ask during intake, that maybe are considered to be special category data.  These questions are just so that I have a better understanding of a client’s background and for assisting in my work with a client.  A client is not required to answer these questions. 

h) International Transfer

In the course of my website operation, we process data. To my knowledge, we usually do not transfer Personal Information to countries outside the USA. However, if we do, I will plan to make sure that processing of your Personal Information is governed by Processing Agreements that include Standard Contractual Clauses for a high level of data protection.

i) Sharing and Disclosure

We will not disclose or otherwise distribute your Personal Information to third parties unless this is 1) necessary for the performance of my services etc. 2) you have consented to the disclosure, 3) or if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or other legal proceedings.

Data Collection and Processing

a) Data that is collected automatically

     i) Log files

Each time you visit my website, a number of general data and information is transmitted, even if you use my website for purely informational purposes. I only collect the general data and information that your browser transmits to my website’s server. This data and information that are collected are technically necessary for the display of my website to you and they serve the stability, security and danger or threat prevention in the event of attacks on my website.  Some examples are:

  • IP address
  • date and time of an access to the website
  • type and version of browser used
  • operating system used and its interface
  • the website from which an accessing system arrives at my website (so-called referrer)
  • sub-websites that are accessed via an accessing system on my website,
  • Internet service provider of the accessing system.

This data is deleted after the storage is no longer necessary for error analysis or danger or threat prevention. The legal basis for this data processing is my legitimate interest. When analyzing these general data and information, I do not draw any conclusions about you as a data subject.

     ii) Content Management System

We also use the Content Management System (CMS) of WordPress, a service provided by Automattic Inc, to publish and maintain the created and edited content and texts on our website. This means that all content and texts submitted to us is transferred to WordPress. This represents a legitimate interest.

     iii) Hosting

To provide my website, we use the services of T35 Hosting , who process the above-mentioned data and all data to be processed in connection with the operation of this website on my behalf. The legal basis for the data processing is my legitimate interest in providing my website. 

     iv) Cookies

We use so-called cookies on our website. Cookies are pieces of information that are transmitted from my web server or third-party web servers to your web browser and stored there for later retrieval. Cookies are generally categorized in different types and can broadly be considered as essential or non-essential. In accordance with the EU’s Privacy and Electronic Communications Directive (“PECD”), I need to obtain consent for the use of non-essential Cookies. Doing so, you should be prompted to make a selection on our use of cookies when you first visit my website by means of a Cookie Consent Management Tool operated by CookieYes. For further information on the Cookies we use, please refer to my Cookie Policy .

     v) When you watch my videos

On my website, we implement videos of the video portal “YouTube” of the company Google LLC. When you call up a page that has an embedded video, a connection is established to Google’s servers and in the process the content is displayed on the website by notifying your browser. According to Google’s information, in “extended data protection mode”, your data ( in particular which of our Internet pages you have visited as well as device-specific information including the IP address ), is only transmitted to the YouTube server in the USA when you watch the video. By clicking on the video, you consent to this transmission.

b) Data from third party sources

We may obtain data about you from third-party sources, such as from social networks, and other third parties. We may use this data to better analyze your user behavior to improve our ability to provide you with relevant marketing information and services, and to prevent and combat fraud.  This is written into this privacy policy, however, I do not really think there are many situations where I would need to use this clause. It is important for me to do my best to make sure I am running my business in an ethical manner and I take it seriously.

c) Data that is collected directly

     i) Contacting me

If you contact me, your transmitted Personal Information will be automatically stored for the purpose of processing the request or replying to you. Data processing for the purpose of contacting me is carried out on the basis of your voluntarily given consent or the initiation of a contractual service.

     ii) Social Media

I’m present on social media on the basis of my legitimate interest (currently YouTube, Facebook, LinkedIn, and Instagram). If you contact me via social media, I and the relevant social media platform are jointly responsible for the processing of your data and enter into a so-called joint controller agreement. The legal basis is my legitimate interest, your consent, or, in some cases, the initiation of a contractual service, if any.

     iii) Online appointment booking via Acuity Scheduling

I use the service of Acuity Scheduling for the simplified booking of the free consultation appointments. By using this service, data is transferred to Acuity Scheduling. The processing of the data entered via Acuity Scheduling is thus exclusively based on a legitimate interest of simplified appointment arrangement. The data entered by you remains with us until you request us to delete it or the purpose for storing the data no longer applies.

     iv) Course(s)

My course(s) are provided using the services of LearnDash. In accordance with LearnDash’s Privacy Policy your data is stored at LearnDash, in their databases and applications on a secure server with up-to-date security standards. The legal basis for the use of the LearnDash service is the establishment and implementation of the user contract for the use of my course(s).

If you buy the online course(s), it is also possible for you to register for an account. For this purpose, you can choose a password together with your e-mail address/username, both of which will enable you to log in more easily in order to access the course(s) and making it easier in case there will be more courses etc. in the future that you would like to purchase. We store the data you enter to set up a customer account through which your orders are recorded, executed, and processed. We will hold your data for further orders as long as you have your account with us. The legal basis for the data processing is our contract and the fulfillment of our legal obligations.

     v) Payment Data

If you pay through my website for the course(s), your payment data will be processed via my payment service provider Stripe. Payment data  for purchasing of the course(s) will solely be processed through Stripe and we have no access to any Payment Data you may submit. The legal basis for the provision of a payment system is the establishment and implementation of the user contract for the use of the service.  I do not process payments or take payment data for counseling sessions through my website.

     vi) Mailing list

If you join my mailing list, we process your name and e-mail address in order to potentially send various updates, newsletters, course launches etc.. I may send you newsletters and communications on a regular or occasional basis. Unsubscribing is possible at any time and can be done either by sending a message to me at Eugene@progressivetherapist.com  , or via a link provided for this purpose in the email that you receive. The relevant e-mails are sent using the services of Mailchimp by Intuit Inc. The legal basis for the processing of your Personal Information is your consent.

     vii) Administration, financial accounting, office organization, contact management

We process data in the context of administrative tasks as well as organization of our business, and compliance with legal obligations. In this regard, we process the same data that we process in the course of providing our contractual services. The processing bases are our legal obligations and my legitimate interest.

     viii) Testimonials

If you choose to do a testimonial, within your testimonial you may be able to share certain details, knowledge, insights etc.. Content and data are publicly viewable. You have choices about the information on your testimonial. You are not required to provide a testimonial, and it is your choice whether to include sensitive information and to make it public. Please do not post or add personal data to your testimonial that you would not want to be publicly available/viewable. The legal basis for the storage is my legitimate interest and your consent.

Cooperation with Processors

We use content or service offers of third-party providers on the basis of our legitimate interests in order to integrate their content and services (“content”).

This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content.

The following provides an overview of third-party providers and their content, together with links to their privacy policies, which contain further information on the processing of data and so-called opt-out measures, if any :

 

Marketing

Insofar as you have also given me your consent to process your Personal Information for marketing and advertising purposes, I may be theoretically entitled to contact you for these purposes via the communication channels you have given your consent to.  Please note however, that it is very important for me to try do my best to run my business in an ethical manner and I take this seriously.  I do not plan to take any kind of action where I would treat a client/customer in some kind of unethical way that I would not want to be treated.

Your Rights and Privileges

      a) Privacy Rights

Under the NYPA, you can exercise the following rights:

  • Right to Notice
  • Right to Opt-In Consent
  • Right to Access, Correct Data
  • Right to Delete

Under the GDPR, you can exercise the following rights:

  • Right to information
  • Right to rectification
  • Right to object to processing
  • Right to deletion
  • Right to data portability
  • Right of objection
  • Right to withdraw consent
  • Right to complain to a supervisory authority
  • Right not to be subject to a decision based solely on automated processing

If you have any questions or if you want to enforce your right, please contact me at Eugene@progressivetherapist.com

     b) Updating your Information

If you believe that the information I hold about you is inaccurate or you would like to request its rectification, deletion, or object to its processing, please do so by contacting me at Eugene@progressivetherapist.com

     c) Withdrawing your Consent 

You can withdraw consents you have given at any time by contacting me at Eugene@progressivetherapist.com

     d) Access Request

In the event you want to make a Data Subject Access Request, please contact me at Eugene@progressivetherapist.com  .  I will plan to respond to requests regarding access and correction as soon as reasonably possible. Should I not be able to respond to your request within thirty (30) days, I will plan to tell you why and when I will be able to respond to your request. If I’m unable to provide you with any Personal Information or to make a correction requested by you, I will plan to tell you why.

     e)  Complaint to a Supervisory Authority

You have the right to complain about our processing of Personal Information to a supervisory authority responsible for data protection.

     f)  COPPA (Children Online Privacy Protection Act)

When it comes to the collection of PII from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. I do not plan to specifically market to children under the age of 13 years old. I also do not plan to allow users under the age of 13 to use my services unless verifiable parental or legal guardian consent is obtained through direct contact. I also do not knowingly collect any data from users under the age of 13, unless verifiable parental or legal guardian consent is obtained through direct contact.

     g) CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. To be in accordance with CANSPAM, I agree to the following: If at any time you would like to unsubscribe from receiving future emails, you can email me at Eugene@progressivetherapist.com , and once I have received your request , I will remove you from ALL correspondence.

     h) Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (‘DNT’) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, my website does not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, I will plan to inform you about that practice in a revised version of this policy.

Changes

I may update this Privacy Policy from time to time. If I make changes to this Privacy Policy or we materially change our use of your Personal Information, I will plan to revise the Privacy Policy accordingly.

 

Questions?

If you have any questions about the processing of your Personal Information, please contact me at Eugene@progressivetherapist.com

Effective Date:  This Privacy Policy was last updated on Monday February 19th, 2024.

Scroll to Top