Privacy Policy

Privacy Policy for JustBreatheCenters.org
Last Updated: [Insert Date]
Thank you for visiting JustBreatheCenters.org. Your privacy is important to us. This Privacy
Policy describes how we collect, use, disclose, and protect your information when you use our
website and our services.
1. Information We Collect
a) Personal Information You Provide
 Name, email, phone, mailing address
 Date of birth, demographic details
 Information entered in forms or messages (e.g. contact form, intake)
b) Automatically Collected / Usage Information
 IP address, browser type/version, pages visited, timestamps
 Device identifiers, operating system
 Cookies, web beacons, and tracking technologies
c) Third-Party / Partner Information
 If you link or sign in via external services (e.g. Google, Facebook), we may receive your
public profile, name, email, etc.
 Analytics, advertising, or other third parties may provide aggregated or anonymized data
2. Purpose of Using Your Information
We use your information to:
 Respond to your inquiries, schedule services, communicate with you
 Provide, maintain, and improve the website and services
 Send newsletters or updates (with your consent)
 Comply with legal obligations, resolve disputes, enforce our agreements
 Monitor security, detect fraud, technical issues
 Perform business analytics
3. Legal Basis & State Law Considerations
Under applicable laws, we rely on consent, performance of a service contract, legitimate interests
(where allowed), and legal obligations as legal bases for processing.
Because your state is Virginia, note:
 Virginia recognizes a statutory right of privacy in health records. Under Va. Code § 32.1-
127.1:03, health care entities must protect the content of health records, and may only
disclose them under certain conditions. Virginia Law
 Virginia also imposes a specific Breach Notification requirement: if unencrypted or
unredacted medical information is acquired by an unauthorized person, the entity must
notify the affected individual, the Office of the Attorney General, and the Commissioner
of Health, unless the entity is subject to HIPAA’s breach rules. Virginia Law
 In Virginia, general privacy or consumer data protection laws may not apply to PHI
handled by HIPAA-covered entities, but may apply to non-PHI personal data. Davis
Wright Tremaine+1
 Also, Virginia has recently legislated stricter rules regarding reproductive or sexual
health information under SB 754 (effective July 1, 2025), stating that personally
identifiable reproductive/sexual health information may not be collected, disclosed, sold,
or disseminated without consent. Orrick+1
We will comply with both federal HIPAA and applicable Virginia statutes.

4. Disclosure / Sharing of Information
We will not sell or rent your personal or health information. We may disclose it in the following
cases:
 Service Providers / Business Associates. We may engage third parties (e.g. hosting,
emailing,