Privacy Policy

HIPAA Notice of Privacy Practices

This notice describes how psychological and medical information about you may be used and disclosed and how you can get access to this information.

Please review the below carefully and completely.

Privacy Policy

Last Updated: May 13, 2024
Effective: May 14, 2020

Thank you for considering Emotilink, a telemental health platform and digital marketplace where users like you can search for and connect to independent, licensed mental health professionals using our secure and HIPAA-compliant mobile application.

We respect your privacy and are committed to protecting it through our compliance with this policy. By registering as a user and using our platform, you consent to the collection, use, and storage of your information as outlined below.

You Must Be an Adult to Use the Platform

Our platform is not intended for use by individuals under the age of majority in their state. We do not knowingly collect data from children under 13 (or under 16 in California). If we do, please contact us at info@emotilink.com.

What Information We Collect About You

We collect only the information necessary to deliver a secure, real-time telemental health experience:

  • User-created login credentials (email, password, display name)
  • Contact information (name, phone, state, email)
  • Payment details (name, billing address, credit card info — collected only at booking)
  • Emergency details (name, address, contact info, GPS location for emergencies only)
  • Session, scheduling, and transaction history
  • Legal notices and agreements
  • Optional: starred providers, photo, ratings, and communication records
  • Technical log files and encrypted location data (emergency only)

What We Share with Providers

We only share your display name, state, and optional photo with providers — unless an emergency arises. Other personal data remains private unless you choose to disclose it during your session.

How We Store Your Information

Protected Health Information (PHI) is encrypted in transit and at rest on secure Microsoft servers. Payment info is processed via PCI DSS-compliant Finix Payments. Emotilink staff access is restricted and HIPAA-trained.

How to Terminate Your User Account

Accounts inactive for 12+ months are deleted automatically. You may also delete your account anytime in the mobile app. Reactivation requires a request via info@emotilink.com.

How and the Extent to Which Users Can Delete Their Information

  • App downloaders (no account): No PII collected.
  • Users with accounts but no bookings: Eligible for full deletion.
  • Users with appointment history: Data retained for 10 years under HIPAA.

How We Secure Your Real-Time Communications

We use WebRTC with AES 256-bit encryption and HMAC verification for private, encrypted video calls. No sessions are stored or decrypted by Emotilink.

When We Can Disclose Your Information

  • With your written authorization
  • To comply with legal orders or obligations
  • During business restructuring or acquisition
  • To HIPAA-compliant third-party vendors

Your Providers’ Responsibilities

Each provider is a HIPAA-covered entity and must furnish their own Notice of Privacy Practices. You’ll receive these notices with appointment confirmation emails.

What We Share in the Event of an Emergency

If a provider triggers an emergency protocol, we will share your name, home address, emergency contact, and last known GPS location to help ensure your safety.

Contact Us

Email: info@emotilink.com
Address: Emotilink, LLC
222 Merchandise Mart Plaza, Suite 1230
Chicago, IL 60654