img

Privacy Policy

    Online Privacy Policy

    Last Updated: December 30, 2025

    Bright Path Behavioral Health values the privacy of our website visitors and clients. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.brightpathbh.com or use our online services. We are committed to protecting your privacy and maintaining transparency about our data practices.

    We reserve the right to update this Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We encourage you to review this page regularly to stay informed. If we make material changes to how we handle your personal information, we will notify you by email and/or by posting a notice on our website prior to the changes becoming effective. Your continued use of our website after such modifications constitutes your acceptance of the updated Policy.

    This Policy applies specifically to information collected through www.brightpathbh.com. It does not apply to information collected offline or through other channels, nor does it govern practices of third-party websites we may link to. We encourage you to review the privacy policies of any external sites you visit.


    Information We Collect


    Personal Information You Provide


    We collect information that you voluntarily provide when you use our website, request information about our services, or communicate with us. This may include:

    Your name, email address, phone number, mailing address, date of birth, insurance provider information, policy numbers, and any other information you choose to provide in contact forms, appointment requests, or other communications. When submitting information on behalf of a loved one, we may also collect the patient's name, date of birth, and relationship to you.


    Information Automatically Collected


    When you visit our website, we automatically collect certain technical information through cookies, web beacons, and similar technologies. This includes your IP address, browser type and version, operating system, device information, referring website addresses, pages viewed, time spent on pages, access times, and other diagnostic data that helps us understand how visitors use our website.


    Analytics and Tracking Technologies


    We use Microsoft Clarity and other analytics services to understand how users interact with our website. These services collect information about your browsing behavior, including mouse movements, clicks, and scrolling patterns. This data is aggregated and used to improve our website functionality and user experience.


    Social Media Features


    Our website includes social media features and widgets from platforms such as Facebook and Instagram. These features may collect your IP address and browsing information, and are governed by the privacy policies of their respective providers.


    How We Use Your Information


    We use the information we collect for the following purposes:

    To respond to your inquiries and provide you with information about our services and programs. To process admissions requests and facilitate enrollment in our treatment programs. To communicate with you about appointments, treatment schedules, and program updates. To verify insurance coverage and process billing for services rendered. To improve our website, services, and patient experience through analysis of usage patterns and feedback. To send you newsletters, promotional materials, and educational content about adolescent mental health when you have provided consent. To comply with legal obligations, protect our rights and property, prevent fraud, and ensure the safety of our patients and staff.

    We maintain legitimate interests in using your data to operate our behavioral health facility, improve our services, and fulfill our mission of providing quality mental health treatment to adolescents.


    Legal Basis for Processing (GDPR Compliance)


    For users in the European Economic Area, our legal basis for collecting and using personal information depends on the specific information and context. We process personal information based on your consent, to fulfill contractual obligations, to comply with legal requirements, or for legitimate business interests that do not override your data protection rights.


    How We Share Your Information


    We do not sell, rent, or lease your personal information to third parties. We may share your information in the following limited circumstances:

    With healthcare providers, insurance companies, and other entities as necessary to coordinate care and process insurance claims, in compliance with HIPAA regulations. With service providers and contractors who assist us in operating our website, conducting business activities, or servicing you, provided these parties agree to maintain confidentiality. With professional advisors, auditors, and consultants who have agreed to keep information confidential. When required by law, regulation, legal process, or governmental request. To enforce our terms of service, protect our rights and property, investigate fraud, or ensure the safety of our patients, staff, or others. In connection with a business transaction such as a merger, sale, or acquisition, where the receiving party agrees to honor this Privacy Policy.


    Protected Health Information and HIPAA


    When you become a patient at Bright Path Behavioral Health, additional privacy protections apply to your protected health information under the Health Insurance Portability and Accountability Act (HIPAA). Our HIPAA Notice of Privacy Practices, which is separate from this website Privacy Policy, provides detailed information about how we use and disclose your health information. You can review our HIPAA Policy at www.brightpathbh.com/policies/hipaa-policy/.


    Data Retention


    We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary depending on the type of information, the nature of our relationship with you, and applicable legal requirements. Website inquiry data is typically retained for up to three years, while patient health records are retained according to applicable healthcare regulations and North Carolina state law.


    Your Privacy Rights and Choices


    Access and Correction


    You have the right to request access to the personal information we hold about you and to request corrections if the information is inaccurate or incomplete.


    Opt-Out of Marketing Communications


    You may unsubscribe from our marketing emails at any time by clicking the unsubscribe link in the email or by contacting us at [email protected]. Please note that even if you opt out of marketing communications, we may still send you non-promotional messages related to your care, account, or our ongoing business relationship.


    Cookie Management


    Most web browsers allow you to control cookies through their settings. You can configure your browser to refuse all cookies or to alert you when cookies are being sent. However, disabling cookies may limit your ability to use certain features of our website.


    Do Not Track Signals


    Our website does not currently respond to Do Not Track signals from web browsers.


    GDPR Rights (European Users)


    If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation, including the right to access your data, the right to rectification of inaccurate data, the right to erasure ("right to be forgotten") under certain circumstances, the right to restrict processing, the right to data portability, and the right to object to processing based on legitimate interests.


    CCPA Rights (California Users)


    California residents have rights under the California Consumer Privacy Act, including the right to know what personal information we collect, use, and disclose, the right to request deletion of personal information, the right to opt out of the sale of personal information (note: we do not sell personal information), and the right to non-discrimination for exercising CCPA rights.


    Information Security


    We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit using Secure Socket Layer (SSL) technology, secure storage of sensitive information, restricted access to personal information limited to employees and contractors who need it to perform their duties, regular security assessments and updates to our systems, and employee training on privacy and security practices.

    While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we continuously work to improve our security practices and respond promptly to potential vulnerabilities.


    Third-Party Websites and Services


    Our website may contain links to third-party websites, including social media platforms, payment processors, and other resources. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit before providing any personal information.


    Minors and Parental Consent


    Our services are specifically designed for adolescents experiencing mental health challenges. When a minor under the age of 18 seeks treatment at Bright Path Behavioral Health, we require parental or legal guardian consent for the collection and use of their information. We are committed to protecting the privacy of minor patients in accordance with applicable laws and ethical standards.

    Our website is not directed to children under the age of 13 for independent use. We do not knowingly collect personal information from children under 13 without parental consent. If we become aware that we have collected information from a child under 13 without proper consent, we will take steps to delete such information promptly.


    Data Breach Notification


    In the event of a data breach that affects your personal information, we will notify affected individuals and relevant regulatory authorities as required by applicable law. We maintain an incident response plan to address potential security incidents promptly and effectively.


    International Data Transfers


    Our operations are primarily located in the United States. If you are accessing our website from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using our website, you consent to the transfer of your information to the United States.


    Changes to This Privacy Policy


    We will update the "Last Updated" date at the top of this Privacy Policy when we make changes. For material changes that significantly affect your rights or how we use your information, we will provide more prominent notice, including email notification to registered users or a notice on our homepage. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.


    Contact Information


    If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

    Bright Path Behavioral Health
    203 Capcom Avenue, Suite 104
    Wake Forest, NC 27587

    For specific inquiries about your personal information rights, please include "Privacy Request" in your email subject line or mention it when calling so we can direct your inquiry appropriately.


    Additional Policies


    For more information about our practices and standards, please review our additional policies: