Privacy Policy

1. Introduction

Elite Gynecology (“we,” “us,” “our,” or “the Practice”) is committed to protecting the privacy and security of your personal and health information. This Privacy Policy explains how we collect, use, share, and safeguard your data when you interact with our website, schedule appointments, or contact us online. We comply with the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR) for EU users, the California Consumer Privacy Act (CCPA), and applicable New York State law.

2. Definitions

Website – The online domain https://elitegynregopark.com, including all subpages, forms, and content.
Company / Practice – Elite Gynecology, including its physicians, employees, and authorized representatives.
Cookies – Small text files stored on your device used to recognize browser preferences, track user behavior, and enhance user experience.
Personal Data – Any data that identifies or can be used to identify a natural person, including name, email, IP address, or health-related data.
Protected Health Information (PHI) – Any health information related to past, present, or future care that is created or received by a healthcare provider and that identifies an individual.
Processing – Any operation performed on personal or health data, such as collection, recording, storage, use, or deletion.
Google Analytics – A third-party tool used to collect data about website usage, traffic, and interactions.
GDPR – European data protection regulation applicable to individuals in the EU.
CCPA – California law granting consumers rights over their personal data.

3. Information We Collect

We may collect the following categories of information:

A. Contact & Appointment Requests

Name
Phone number
Email address
Preferred appointment date or message content

Disclaimer: Information submitted through the website contact form is not encrypted or sent through a secure messaging system. The form includes the following consent:
“I understand and agree that any information submitted through this form will be sent to our office via email and not through a secure messaging system. This form should not be used to submit private health information, and we disclaim any warranties regarding the privacy and confidentiality of any information submitted through this form.”

B. Automatically Collected Data

IP address
Device type
Browser type
Referring URLs
Pages viewed and time spent on the website

4. Use of Information

We may use your information to:

Respond to inquiries or appointment requests
Improve website functionality and performance
Analyze user behavior using analytics tools
Comply with legal and medical regulations
Prevent unauthorized access or fraud

5. HIPAA Compliance and Protected Health Information (PHI)

We comply with HIPAA and only collect PHI through secure, compliant channels such as in-office visits or secure electronic health record systems. The contact form should not be used to submit confidential health information, as it is not secured through encryption. Information shared via email or form submission is not considered PHI under HIPAA unless entered through secure platforms.

For more on your HIPAA rights: https://www.hhs.gov/hipaa/for-individuals/index.html

6. Google Analytics

We use Google Analytics to understand website usage and improve performance. Google may collect:

IP address
Browser/device information
Pages visited and time on site

Google’s use of data: https://policies.google.com/technologies/partner-sites

To opt out: https://tools.google.com/dlpage/gaoptout

7. Cookies and Tracking

Cookies help us enhance the user experience. They allow us to:

Save session preferences
Track aggregate behavior
Analyze traffic patterns

You can disable cookies in your browser settings, but this may impact some website functionality.

8. Information Sharing & Third-Party Disclosure

We do not sell or rent your data. Your data may be shared with:

Website hosting and IT providers
Analytics tools such as Google Analytics
Law enforcement or government agencies when legally required

All third-party vendors are required to maintain confidentiality and data security in accordance with HIPAA and applicable law.

9. Your Rights Under GDPR and CCPA

Under GDPR (for EU residents):

You have the right to:

Access your personal data
Correct inaccurate data
Request deletion or restriction
Withdraw consent
File a complaint with your Data Protection Authority

Under CCPA (for California residents):

You have the right to:

Know what data we collect and how it’s used
Request deletion of your data
Opt out of the sale of your personal data (we do not sell data)
Receive equal service regardless of exercising privacy rights

10. You Have the Right to Delete or Request That We Assist in Deleting the Personal Data That We Have Collected About You

We will honor requests for deletion of your data unless retention is required:

To comply with medical records law
For legal compliance
To fulfill an ongoing service or patient relationship

11. Links to Other Websites

Our website may link to external medical resources or third-party tools. We are not responsible for the privacy practices or content of external sites. Please review those privacy policies before sharing any data.

12. Children’s Privacy

Our website is not directed at children under 13. We do not knowingly collect personal information from minors. If you believe your child has submitted data, contact us and we will delete it promptly.

13. Data Security

We take commercially reasonable steps to secure your data, including:

SSL encryption
Access controls
Secure hosting

Despite our efforts, no method of transmission is completely secure.

14. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy. The current version will always be available on our website with the latest effective date. Continued use of our website constitutes acceptance of changes.

Effective Date: 6/17/2025