The privacy of your personal information is important to Windhawk. We are committed to using and disclosing personal information responsibly and only to the extent necessary for the goods and services we provide. Also, it is our intent to be open and clear as to how we handle personal information. This document describes our privacy policies.
Who We Are
Our organization, Windhawk, uses a number of consultants and agencies that may, in the course of their duties, have limited access to personal information we hold. These include computer support technicians and website consultants, housekeeping staff, accountants, lawyers, contract employees and credit card companies. We restrict their access to any personal information we hold as much as is reasonably possible. We also have their assurance that they follow appropriate privacy principles.
WE COLLECT PERSONAL INFORMATION: PRIMARY PURPOSES
Like all Spas, Massage Therapists and Body Workers, we collect, use and disclose personal information in order to serve our clients.
WE COLLECT PERSONAL INFORMATION: RELATED AND SECONDARY PURPOSES
Like most organizations, we also collect, use and disclose information for purposes related to or secondary to our primary purposes. The most common examples of our related and secondary purposes are as follows:
Related and Secondary Purpose # 1: Recall Visits; to advise clients that their product or service should be reviewed (e.g. to ensure a product is still functioning properly and appropriate for their needs and to consider modifications or replacement).
Related and Secondary Purpose # 2: Special Events and Opportunities; to advise clients and others of special events and opportunities (e.g. a seminar, workshop or conference) that we have available.
Related and Secondary Purpose # 3: Quality Control and Risk Management; our organization reviews client and other files for the purpose of ensuring that we provide high quality services, including assessing the performance of our staff. In addition, external consultants (e.g. auditors, lawyers, practice consultants, voluntary accreditation programs) may on our behalf do audits and continuing quality improvement reviews of our organization, including reviewing client files and interviewing our staff.
Related and Secondary Purpose # 4: External Regulation; our organization, or its professional staff, is regulated by The Arizona Board of Massage Therapists who may inspect our records and interview our staff as a part of their regulatory activities in the public interest. In addition, as professionals, we will report serious misconduct, incompetence or incapacity of other organization or our own. Also, our organization believes that it should report information suggesting serious illegal behavior to the authorities. External regulators have their own strict privacy obligations. Sometimes these reports include personal information about our clients, or other individuals, to support the concern (e.g. improper services). Also, like all organizations, various government agencies have the authority to review our files and interview our staff as a part of their mandates. In these circumstances, we may consult with professionals (e.g. lawyer, accountants) who will investigate the matter and report back to us.
Related and Secondary Purpose # 5: Responding to Questions; Clients or other individuals we deal with may have questions about our goods/services after they have been received. We also provide ongoing services for many of our clients over a period of months or years for which previous records are helpful. We retain our client information for a minimum of ten years after the last contact to enable us to respond to those questions and provide these services. We destroy our information ten years after the last entry at the first reasonable opportunity in order to reduce the risk of accidental or inadvertent disclosure.
Related and Secondary Purpose # 6: Sale of Business; If the organization or its assets were to be sold, the purchaser would want to conduct a “due diligence” review of the organization’s records to ensure that it is a viable business that has been honestly portrayed to the purchaser. The purchaser would not be able to remove or record personal information. Before being provided access to the files, the purchaser must provide a written promise to keep all personal information confidential. Only reputable purchasers who have already agreed to buy the organization’s business or its asset would be provided access to personal information, and only for the purpose of completing their due diligence search prior to closing the purchase.
You can choose not to be part of some of these related or secondary purposes (e.g. by declining special offers or promotions, by paying for your services in advance). We do not, however, have much choice about some of these related or secondary purposes (e.g. external regulation).
PROTECTING PERSONAL INFORMATION
We understand the importance of protecting personal information. For that reason, we have taken the following steps:
1. Paper information is either under supervision or secured in a locked or restricted area.
2. Electronic hardware is either under supervision or secured in a locked or restricted area at all times. In addition, passwords are used on computers.
3. Paper information is transmitted through sealed, addressed envelopes or boxes by reputable companies.
4. Electronic information is transmitted through email or Internet communication with the consent of the person to whom the personal information relates.
6. External consultants and agencies with access to personal information must enter into privacy agreements with us.
RETENTION AND DESTRUCTION OF PERSONAL INFORMATION
We need to retain personal information for a period of time to ensure that we can answer any questions you might have about the services provided, and for our own accountability to external regulatory bodies. However, we do not want to keep personal information too long in order to protect your privacy. We keep our client files for about 7 years. We keep any personal information relating to our general correspondence with people who are not our clients, newsletters, seminars and marketing activities for about 18 months after the newsletter, seminar or marketing activity is over. We destroy paper files containing personal information by shredding. We destroy electronic information by deleting it and, when the hardware is discarded, we ensure that the hard drive is physically destroyed. Alternatively, we may send some or the entire client file to our client.
YOU CAN LOOK AT YOUR INFORMATION
With only a few exceptions, you have the right to see what personal information we hold about you. Often all you have to do is ask. We can help you identify what records we might have about you. We will also try to help you understand any information you do not understand (e.g. short forms, technical language, etc.). We will need to confirm your identity, if we do not know you, before providing you with this access. We reserve the right to charge a nominal fee for such requests.
If there is a problem, we may ask you to put your request in writing. If we cannot give you access, we will tell you within 30 days if at all possible and tell you the reason, as best we can, as to why we cannot give you access.
The information on this site and at Windhawk locations is provided for informational purposes and is not meant to substitute for the advice provided by your own physician or other medical professional.
Before using this information or any of the services in any important matter, users should carefully evaluate its accuracy, completeness and relevance. If necessary, users should obtain appropriate professional advice relevant to their information needs.
The information contained in this online site is intended to provide helpful health information for the general public and to provide information about Windhawk philosophy and available services. You should not use the information contained herein for diagnosing or treating a health problem or disease, or prescribing any medication. You should read carefully all product packaging. If you suspect that you have a medical problem, promptly contact your health care provider.
Information provided by Windhawk is made available with the understanding that the author and publisher as well as the owners of Windhawk are not engaged in rendering medical, health, psychological, or any other kind of personal professional services on this site or in any of Windhawk locations.
The information should not be considered complete and does not cover diseases, ailments, physical conditions or their treatment. It should not be used in place of a call or visit to a medical, health or other competent professional, who should be consulted before drawing inferences from it. Please consult your physician before starting any new wellness, exercise/fitness or lifestyle program. The products and services offered at Windhawk are not meant to replace medical treatments and are not meant to treat an illness or disease.
DO YOU HAVE A QUESTION?
We are happy to address any questions or concerns your might have. We can be reached at 480.603.1888.
If you wish to make a formal complaint about our privacy practices, you may make it in writing attention Customer Service. They will acknowledge receipt of your complaint; ensure that it is investigated promptly and provide you with a formal decision and reason in writing.
Regarding massage therapy or other services provided, if you have a concern about the professionalism or competence of our services, or the mental or physical capacity of any of our professional staff, we would ask you to discuss those concerns with us.
49 S. Sycamore, Suite 3
Mesa, AZ 85202