Privacy Policy

Privacy Policy

Your privacy is important to us. It is the policy of Gatto Acupuncture & Wellness (“we,” “us,” or “our”) to respect your privacy regarding any information we may collect from you across our website, https://www.gattoacu.com (the “Site”).

1. Who We Are

Our website address is https://www.gattoacu.com. We operate as a wellness and acupuncture practice based in New Jersey, committed to protecting the privacy and confidentiality of all visitors and patients.

2. Information We Collect

We only collect personal information when it is necessary to provide a service or respond to your request. Information may include:

• Name
• Email address
• Phone number
• Health-related information or reason for inquiry that you voluntarily provide through our contact or booking forms

All information is collected by fair and lawful means, with your knowledge and consent. We will always explain why we are collecting it and how it will be used.

3. How We Use Your Information

We use the information we collect to:

• Respond to your inquiries and appointment requests
• Schedule and manage appointments or communications
• Improve our website and overall service quality
• Send occasional marketing updates, only if you have opted in to receive them

We do not sell, rent, or trade your personal information to any third parties.

4. Health Information & HIPAA Notice

We take the privacy of your health information seriously. Any health or medical details shared with us—whether through online forms, emails, or in person—are handled in compliance with applicable privacy laws and consistent with the principles of the Health Insurance Portability and Accountability Act (HIPAA).

Please note that communications through standard website forms or email are not encrypted and may not be 100% secure. For sensitive medical or personal matters, we recommend contacting our office directly by phone.

5. Booking and Payment Platforms

We may use third-party scheduling or payment platforms to manage appointments, process transactions, or handle related administrative functions.

All third-party systems we select will be required to meet industry-standard security, encryption, and privacy practices—and, when applicable, maintain HIPAA compliance for handling protected health information (PHI).

These platforms may collect limited personal data (such as your name, contact information, and payment details) solely for the purpose of scheduling or billing. They are contractually prohibited from using this data for any other purpose.

6. Cookies and Analytics

Our website may use cookies and similar technologies to enhance your browsing experience, remember your preferences, and measure site traffic and performance.

You can choose to disable cookies in your browser settings, but some parts of the site may not function properly without them.

We may also use third-party tools (such as Google Analytics) to analyze site usage. These services collect non-identifying information such as browser type, device, and general location. No personal health or identifying information is shared through these tools.

7. Embedded Content from Other Websites

Pages on this site may include embedded content (e.g., videos, maps, or articles). Embedded content behaves as if the visitor has visited the other website directly. Those sites may collect data about you, use cookies, and track your interaction. We do not control or assume responsibility for how third-party websites handle your data.

8. Data Sharing

We do not share your personal information with any third party except:

• When required by law or court order
• When necessary to process your appointment or provide a requested service (e.g., payment or scheduling platforms)

In such cases, we ensure all partners or vendors uphold appropriate confidentiality and data protection standards.

9. Data Retention

We retain personal information only as long as necessary to fulfill the purpose for which it was collected or to comply with legal, tax, or regulatory obligations.

If you leave a comment or create an account (if applicable), the associated data may be stored indefinitely to streamline future interactions.

10. Your Rights

You have the right to:

• Request a copy of the personal data we hold about you
• Request correction or deletion of your data
• Withdraw consent for marketing communications at any time

Requests can be submitted through our Contact page. We may require verification of your identity before fulfilling data-related requests.

11. Data Security

We implement reasonable administrative, physical, and technical safeguards to protect your information from unauthorized access, alteration, or disclosure. However, no internet transmission or electronic storage method is completely secure, and we cannot guarantee absolute security.

12. Where Your Data Is Sent

Visitor comments may be checked through an automated spam detection service. We may also use secure, HIPAA-compliant software tools for scheduling, communication, or contact management when appropriate.

13. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised effective date.

14. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy, please contact us using the information provided on our Contact page.