Privacy Policy
How we collect, use, and protect your personal and health information.
Last Updated: May 11, 2026
At Neuron Connect ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at neuron-connect.com or use our services. Please read this policy carefully. If you disagree with its terms, please discontinue use of our website.
1. Information We Collect
We may collect information about you in a variety of ways depending on how you interact with our website and services.
Personal Data
Personally identifiable information that you voluntarily provide when submitting contact forms, appointment requests, or patient intake documents. This includes your name, email address, phone number, mailing address, and date of birth.
Health and Medical Information
Information related to your neurological health, including reported symptoms, brain mapping results (qEEG data), neurofeedback session records, mental health history, injury history, treatment protocols, and clinical progress notes. This information is considered Protected Health Information (PHI) under HIPAA and is governed accordingly.
Derivative Data
Information our servers automatically collect when you access the website, such as your IP address, browser type, operating system, access timestamps, referring URLs, and the pages you viewed directly before and after accessing the site.
Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect information about your browsing behavior, page interactions, and preferences. For full details, see Section 5 and our Cookie Policy.
2. HIPAA and Protected Health Information
As a healthcare provider, the collection, use, and disclosure of your Protected Health Information (PHI) is governed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and applicable Arizona state privacy laws. This website Privacy Policy supplements, but does not replace, our Notice of Privacy Practices (NPP).
You will receive a formal Notice of Privacy Practices detailing your rights under HIPAA when you become a patient at our clinic, or upon request at any time. Your rights under HIPAA include:
- Right to Access: You may request a copy of your medical records and other PHI that we maintain about you.
- Right to Amendment: You may request that we correct inaccurate or incomplete information in your records.
- Right to an Accounting of Disclosures: You may request a list of certain disclosures we have made of your PHI.
- Right to Restrict Use: You may request restrictions on certain uses and disclosures of your PHI for treatment, payment, or healthcare operations.
- Right to Confidential Communications: You may request that we communicate with you about your PHI in a specific way or at a specific location.
- Right to File a Complaint: If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer or directly with the U.S. Department of Health and Human Services Office for Civil Rights.
3. How We Use Your Information
Having accurate information about you permits us to provide you with efficient, personalized care. We may use information collected about you via the website or during your care to:
- Schedule appointments, consultations, and follow-up sessions.
- Coordinate your treatment plan, including qEEG brain mapping, neurofeedback protocols, and trauma therapy sessions.
- Coordinate with your legal representation for personal injury and attorney-lien cases, only with your explicit written consent and signed authorization.
- Send appointment reminders, intake instructions, and administrative communications via phone, email, or text message.
- Process billing and insurance claims in accordance with your payment arrangements.
- Improve the functionality, content, and user experience of our website.
- Conduct internal analytics to understand how patients and visitors use our website.
- Comply with applicable federal and Arizona state laws and regulations.
4. Disclosure of Your Information
We do not sell, trade, or rent your personal information to third parties. We may share information we have collected about you only in the following situations:
- By Law or to Protect Rights: If we believe the release of information about you is necessary to respond to a lawful legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of ourselves or others, we may share your information as permitted or required by applicable law.
- Third-Party Service Providers: We may share your information with third parties that perform services for us or on our behalf, including HIPAA-compliant electronic health record (EHR) systems, secure form processing platforms, website hosting providers, email delivery services, and analytics providers. All such vendors are required to maintain the confidentiality and security of your information.
- Legal and Medical Coordination for PI Cases: For personal injury patients, we may share necessary medical records, reports, and documentation with your attorney, insurance adjusters, or other treating healthcare providers involved in your case, provided we have your signed authorization in accordance with HIPAA requirements.
- Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via a prominent notice on our website of any change in ownership or uses of your information.
5. Cookies and Tracking Technologies
We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about how you interact with our website. The categories of cookies we use include:
- Essential Cookies: Required for the website to function. They enable core functionality such as page navigation and security. These cannot be disabled.
- Analytics Cookies: Allow us to measure and improve website performance by collecting information about how visitors use the site (e.g., pages visited, time on site, traffic sources).
- Functional Cookies: Enable enhanced features and personalization, such as remembering your preferences or pre-filling form fields.
You may manage your cookie preferences at any time through our cookie consent preferences panel. For a complete list of cookies we use and detailed instructions on managing them, please visit our Cookie Policy.
6. Data Retention
We retain your information for as long as necessary to fulfill the purposes described in this Privacy Policy and to comply with our legal obligations:
- Medical Records: Retained in accordance with Arizona state law, which requires healthcare providers to retain adult patient records for a minimum of 6 years from the date of service. For minor patients, records are retained for at least 3 years after the patient's 18th birthday, or 6 years from the date of service, whichever is longer.
- Website and Contact Data: Non-medical data collected through our website (such as contact form submissions) is retained only as long as necessary for business operations and then securely deleted.
- Right to Request Deletion: You may request deletion of non-medical personal data we hold about you. Medical records subject to state and federal retention requirements cannot be deleted prior to the expiration of the legally mandated retention period. To submit a deletion request, contact us using the information in Section 12.
7. Your Rights
Depending on your location and applicable law, you may have the following rights with respect to your personal information:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request that we correct inaccurate or incomplete personal information.
- Deletion: Request deletion of non-medical personal data we hold about you, subject to applicable retention obligations.
- Opt-Out of Marketing: Opt out of receiving marketing communications from us at any time by clicking "unsubscribe" in any marketing email or contacting us directly.
- Withdraw Consent: Where we process your information based on consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.
- File a Complaint: File a complaint with the HHS Office for Civil Rights (for HIPAA-related concerns) or with applicable state regulators. We will not retaliate against you for exercising any of these rights.
To exercise any of these rights, please contact us using the information provided in Section 12. We will respond to verifiable requests within the timeframe required by applicable law.
8. Children's Privacy
Neuron Connect provides services to patients of all ages, including minors. Where services are provided to patients under the age of 18, a parent or legal guardian must provide written consent prior to treatment and the collection of any health information.
We do not knowingly collect personal information from children under the age of 13 through our website without verifiable parental consent, in compliance with the Children's Online Privacy Protection Act (COPPA). If you believe we have inadvertently collected such information without proper consent, please contact us immediately so that we may take appropriate corrective action.
9. Third-Party Links
Our website may contain links to third-party websites, including patient portal providers, payment processors, and other healthcare resources. We are not responsible for the privacy practices or content of those third-party sites. We encourage you to review the privacy policy of any website you visit. The inclusion of any link does not imply our endorsement of that site.
10. Security of Your Information
We implement a variety of administrative, technical, and physical security measures to protect your personal and health information:
- SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using industry-standard SSL/TLS protocols.
- HIPAA-Compliant Storage: All electronic Protected Health Information (ePHI) is stored in HIPAA-compliant systems with appropriate safeguards including access controls, audit logs, and data integrity measures.
- Access Controls: Access to patient information is restricted to authorized personnel on a need-to-know basis. All staff with access to PHI receive ongoing HIPAA training.
- Regular Security Audits: We conduct periodic security assessments and vulnerability reviews to identify and address potential weaknesses in our systems.
- Breach Notification: In the event of a data breach affecting your PHI, we will notify you and the appropriate government authorities as required by HIPAA's Breach Notification Rule and applicable Arizona law.
While we have taken reasonable steps to secure the personal information you provide to us, please be aware that no security measures are perfect or impenetrable. No method of data transmission can be guaranteed against any interception or other type of misuse.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make changes, we will update the "Last Updated" date at the top of this page. For material changes that significantly affect how we handle your information, we will provide a prominent notice on our website. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our website after any changes constitutes your acceptance of the updated policy.
12. Contact Us
If you have questions or comments about this Privacy Policy, wish to exercise your rights, or want to submit a complaint, please contact us at:
Neuron Connect, Privacy Officer
Phoenix, AZ
Phone: (602) 888-1012
Email: BrainTrain@neuron-connect.com
We are here to help.
Contact our team with any questions about this policy, your rights, or how we handle your information. We respond promptly.
Attorney-lien friendly. Se Habla Español. Multiple Arizona locations.
