Privacy Policy
Last updated: [Apr. 24, 2026]
1. Introduction
Your privacy is important to me. This policy explains how I collect, use, and protect your personal information in the course of providing psychotherapy services and operating this website. It applies to clients located in Canada and to visitors of this site.
If you have any questions about this policy, you can contact me at CinziaArcuriPsychotherapy@gmail.com
Part A – Privacy of Your Health Information (PHIPA)
2. Personal Health Information
As a regulated health professional in Ontario, I am required to follow the Personal Health Information Protection Act, 2004 (PHIPA) and the professional standards of the College of Registered Psychotherapists of Ontario (CRPO).
“Personal health information” is identifying information about you that relates to your health and the care you receive. This can include, for example:
-
Information about your physical or mental health, including family history
-
Information about the psychotherapy services you receive
-
Health card number (if collected)
-
Contact information and other details in your clinical record
-
Information about payments or coverage for services
-
The name and contact details of your substitute decision‑maker, if applicable
3. What I Collect and Why
I collect, use, and disclose personal health information in ways that are reasonably necessary to provide psychotherapy services and operate a safe and accountable practice.
I may collect:
-
Your name, contact information, and date of birth
-
Emergency contact information
-
Information about your history, current concerns, and goals for therapy
-
Clinical notes, treatment plans, and progress records
-
Appointment and billing information
I use this information to:
-
Provide psychotherapy services and keep an accurate clinical record
-
Understand your needs and plan care with you
-
Communicate with you about appointments and related matters
-
Process payments where applicable
-
Meet regulatory and legal requirements (for example, record‑keeping standards)
I collect only what is reasonably necessary for these purposes.
4. How Your Health Information Is Stored and Protected
I take reasonable steps to protect your personal health information against loss, theft, and unauthorized access.
-
Clinical notes and appointment information are stored in Jane, a secure practice management platform designed for health professionals.
-
Access to your clinical record in Jane is restricted (for example, password‑protected and role‑based).
-
Where paper records exist, they are stored securely and access is limited.
-
Electronic information is protected with appropriate safeguards (for example, encrypted connections and secure devices).
No method of storage is entirely risk‑free, but safeguards are in place to reduce the risk of unauthorized access, use, or disclosure.
5. Confidentiality and Limits
Information you share in psychotherapy is confidential. Your clinical record is kept securely and is not shared without your consent, except in specific situations where disclosure is required or permitted by law. These situations can include, for example:
-
If there is reason to believe there is an imminent risk of serious harm to you or someone else
-
Situations involving suspected abuse or neglect of a child or other person who is legally protected
-
If your records are ordered to be produced by a court or other lawful authority
-
Certain reporting obligations to regulatory bodies or government agencies
Whenever possible, I will discuss these limits with you and let you know if I need to act on any of them, unless doing so would increase the risk of harm.
6. Retention and Destruction of Records
Clinical records are kept for the time periods required by law and professional standards. Generally, records are kept for at least 10 years from the date of the last contact, or 10 years from the date a minor client turns 18, whichever is later.
Once the legal retention period has passed, records are securely destroyed. Paper records are shredded or otherwise destroyed so they cannot be reconstructed, and electronic records are deleted or overwritten so they cannot be recovered.
7. Your Right to Access and Request Corrections
With some limited exceptions, you have the right to:
-
Request access to your clinical record
-
Receive an explanation of the information in your record
-
Request corrections to information you believe is inaccurate or incomplete
You may be asked to put your request in writing, and you may be asked to provide identification before access is granted. If there is a fee for preparing a copy or summary of your record, you will be informed in advance.
If we agree that a correction is needed, it will be made and, where appropriate, anyone who received the incorrect information will be notified. If a requested correction is not made, your request and a brief statement of your concerns will be added to your record.
8. If There Is a Privacy Breach
Despite safeguards, if there is a loss, theft, or unauthorized access to your personal health information, I will:
-
Take steps to contain and investigate the breach
-
Notify you as soon as reasonably possible, including providing information about what happened and how you can seek further support
-
Take steps to reduce the risk of future breaches (for example, updating policies or safeguards)
In some cases, I may also be required to notify the Information and Privacy Commissioner of Ontario and/or my regulatory College.
9. Questions, Concerns, or Complaints About Health Information
If you have questions or concerns about how your personal health information is handled, you can contact me directly at:
Cinzia Arcuri, Registered Psychotherapist (Qualifying)
Email: CinziaArcuriPsychotherapy@gmail.com
If your concerns are not resolved, you have the right to contact:
Information and Privacy Commissioner of Ontario
2 Bloor Street East, Suite 1400
Toronto, Ontario M4W 1A8
Telephone: 416‑326‑3333 or 1‑800‑387‑0073 (toll‑free in Ontario)
TTY: 416‑325‑7539
Fax: 416‑325‑9195
Website: www.ipc.on.ca
This Part A is made under the Personal Health Information Protection Act, 2004 (PHIPA).
Part B – Website Privacy & Cookies
10. Personal Information Collected Through the Website
When you visit this website or submit a contact form, certain information may be collected about you as a website user.
Information you may choose to provide:
-
Name
-
Email address
-
Phone Number (If we use phone sessions)
-
Service preferences
-
The message you send
Information collected automatically:
Like many websites, this site may use cookies and analytics tools to collect technical information such as:
-
IP address
-
Browser type and version
-
Pages visited and time spent on pages
-
General information about how visitors navigate the site
This information helps improve the site and understand how it is being used. It is not used to personally profile visitors or to sell data.
11. How Website Information Is Used
Website‑related personal information may be used to:
-
Respond to messages you send via the contact form
-
Provide and improve website content and user experience
-
Maintain website security and performance
-
Understand, in an aggregated way, how the site is used (for example, which pages are visited most often)
Your website information is not sold or rented to third parties.
12. Cookies
Cookies are small files stored on your device when you visit a website.
This site may use:
-
Essential cookies to help the site function (for example, security, basic performance)
-
Analytics cookies to understand how visitors use the site in an aggregated, non‑identifying way
You can control cookies through your browser settings, including blocking or deleting them. If you disable cookies, some site features may not work as intended, but you will still be able to view the site.
13. Third‑Party Services
This website and practice may use third‑party service providers such as:
-
Website hosting services
-
Email services
-
Analytics tools (for example, Google Analytics or similar)
-
Practice management software (Jane)
-
Payment processors (through Jane)
These service providers may have access to limited personal information as needed to perform their functions. They are expected to maintain appropriate privacy and security standards and are not permitted to use your information for their own marketing.
14. Marketing Communications
At this time, this website is primarily focused on providing information about psychotherapy services. If you ever have the option to subscribe to a newsletter or updates, you will be asked for your consent, and you may unsubscribe at any time using the link provided in those communications.
15. External Links
This website may contain links to other websites. I am not responsible for the privacy practices or content of external sites. If you follow a link to another website, their own privacy policy will apply.
16. Changes to This Privacy Policy
This privacy policy may be updated from time to time to reflect changes in legal requirements or in how the practice operates. The “Last updated” date at the top of this page will be changed when updates are made. Your continued use of the website or services after changes are posted indicates acceptance of the updated policy.