Privacy Policy

Change in Entropy Hypnotherapy
Website: https://www.change-in-entropy.com/
Effective Date: March 17, 2026
Last Updated: March 17, 2026

Change in Entropy Hypnotherapy (“Company,” “we,” “us,” or “our“) respects your privacy and is committed to protecting the personal information you share with us through our website, forms, scheduling tools, communications, and services.

This Privacy Policy explains how we collect, use, disclose, protect, and retain personal information. It also describes certain rights you may have under applicable federal and New Mexico law.

1. Scope of This Policy

This Privacy Policy applies to:

  • our website at https://www.change-in-entropy.com/

  • online contact, consultation, scheduling, and intake forms

  • email, phone, text, and other communications with us

  • services provided by Change in Entropy Hypnotherapy

This Privacy Policy does not replace any separate Notice of Privacy Practices we may provide if we are subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Where HIPAA applies, that separate notice governs our use and disclosure of Protected Health Information (“PHI”).

2. Business Information

Change in Entropy Hypnotherapy
2862 Change Street, Unit A
Los Alamos, NM 87544
Email: [email protected]
Phone: (907) 278-1180

3. Information We Collect

We may collect the following categories of information:

A. Information You Provide Directly

When you contact us, request information, book a session, complete forms, or otherwise interact with us, you may provide:

  • name

  • email address

  • phone number

  • mailing address

  • date of birth

  • emergency contact information

  • appointment details

  • payment information

  • health, wellness, stress, behavioral, or treatment-related information you choose to share

  • insurance information, if applicable

  • any other information you submit through forms, messages, or consultations

B. Website and Device Information

When you visit our website, we may automatically collect limited technical information such as:

  • IP address

  • browser type

  • device type

  • operating system

  • pages visited

  • date and time of visit

  • referring website

  • general website usage and diagnostic information

C. Cookies and Similar Technologies

We may use cookies or similar technologies to operate the website, improve functionality, remember preferences, and analyze site performance. We do not knowingly use third-party advertising pixels or similar tracking technologies on pages where you submit health, intake, appointment, or other sensitive information unless such use is legally compliant and properly safeguarded.

D. Communications Information

If you email, call, text, or message us, we may keep records of those communications, including appointment requests, administrative questions, and customer service correspondence.

4. How We Use Information

We may use your information to:

  • provide and manage hypnotherapy, wellness, and related services

  • respond to inquiries and requests

  • schedule and confirm appointments

  • send reminders, service updates, and administrative notices

  • create, maintain, and update client records

  • process payments and accounting

  • comply with legal, regulatory, ethical, and licensing obligations

  • protect the security and integrity of our website, systems, and records

  • improve our website, services, and user experience

  • enforce our terms, policies, and business operations

We use health-related information only as reasonably necessary to provide services, communicate with you, maintain records, meet legal obligations, and otherwise as permitted or required by law.

5. HIPAA and Health Information

To the extent we are a HIPAA covered entity or business associate with respect to any information, we comply with applicable HIPAA Privacy, Security, and Breach Notification requirements.

Where HIPAA applies:

  • your PHI is used and disclosed only as permitted or required by law

  • we maintain safeguards designed to protect PHI

  • we provide a separate Notice of Privacy Practices

  • we limit uses and disclosures to the extent required by law

  • we obtain written authorization when required

We do not sell your PHI.

We do not use health information for targeted advertising or marketing in a manner prohibited by law.

If we maintain psychotherapy notes, those notes are treated with heightened protection and generally will not be disclosed without your written authorization except where disclosure is otherwise expressly permitted or required by law.

6. How We Share Information

We may share information in the following circumstances:

A. Service Providers

We may share information with vendors and service providers that help us operate our practice and website, such as:

  • website hosting providers

  • scheduling platforms

  • secure form providers

  • payment processors

  • electronic record or practice management vendors

  • email, phone, or text communication providers

  • IT and cybersecurity vendors

  • accountants, attorneys, and professional advisors

These parties may receive information only as needed to perform services for us and are expected to protect it appropriately. Where required, we enter into Business Associate Agreements or other contractual privacy and security protections.

B. With Your Consent or Direction

We may share information when you ask us to do so or authorize us to do so.

C. Treatment, Payment, and Operations

Where permitted by law, we may use or share relevant health information for treatment, payment, health care operations, consultation, referrals, recordkeeping, and practice administration.

D. Legal and Safety Reasons

We may use or disclose information when required or permitted by law, including to:

  • comply with court orders, subpoenas, or lawful investigations

  • respond to health oversight activities

  • report abuse, neglect, or domestic violence when required

  • prevent or lessen a serious threat to health or safety

  • comply with public health obligations

  • protect our rights, safety, property, systems, staff, or clients

E. Business Changes

If all or part of our practice is reorganized, merged, sold, or transferred, information may be transferred as part of that transaction, subject to applicable privacy and confidentiality obligations.

7. Website Analytics, Cookies, and Tracking

We may use limited website analytics or similar tools to understand general traffic and improve site performance. We do not knowingly permit third-party advertisers to collect health-related information from our website for targeted advertising.

Please do not submit detailed medical or highly sensitive information through a general contact form unless the form is specifically designed for secure intake. Where available, use our designated secure channels for submitting health information.

You can usually control cookies through your browser settings. Blocking cookies may affect site functionality.

8. Text Messages, Email, and Electronic Communications

If you give us permission to communicate electronically, we may contact you by email or text regarding scheduling, reminders, billing, or administrative matters.

Electronic communications can involve some risk. By providing your contact information and choosing electronic communications, you acknowledge those risks to the extent permitted by law. You may opt out of non-essential communications by contacting us, though we may still send important service or legal notices.

We do not send marketing texts without the legally required consent.

9. Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, use, alteration, and disclosure. These safeguards may include secure passwords, access controls, encrypted or protected systems where appropriate, vendor due diligence, and workforce privacy practices.

No method of transmission over the internet or method of electronic storage is completely secure. For that reason, we cannot guarantee absolute security.

10. Data Retention

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

  • provide services

  • maintain business and clinical records

  • comply with legal, tax, insurance, licensing, and recordkeeping obligations

  • resolve disputes

  • enforce agreements

Retention periods may vary depending on the type of information and applicable legal requirements.

11. Your Privacy Rights

Depending on the nature of your relationship with us and the law that applies, you may have the right to:

  • request access to certain personal information we maintain about you

  • request correction of inaccurate information

  • request confidential communications

  • request limits on certain uses or disclosures

  • request a copy of this Privacy Policy or, where applicable, our Notice of Privacy Practices

  • withdraw a consent or authorization you previously provided, to the extent permitted by law

  • file a complaint with us or with an appropriate governmental authority

If HIPAA applies to your information, you may also have HIPAA rights, including the right to access records, request amendments, request an accounting of certain disclosures, request restrictions in certain cases, and obtain a paper copy of our Notice of Privacy Practices.

To exercise rights, contact us using the information below.

12. New Mexico Privacy and Record Protections

We do business in New Mexico and seek to handle personal and health-related information in a manner consistent with applicable New Mexico law, including laws governing data security, breach notification, and the privacy and protection of medical and electronic records, where applicable.

If a non-HIPAA data breach occurs and New Mexico law applies, we will provide notices consistent with applicable law. If HIPAA applies to the information involved, HIPAA breach notification requirements may govern instead.

13. Children’s Privacy

Our website and services are not directed to children under 13 without the involvement of a parent or legal guardian. We do not knowingly collect personal information online from children under 13 without appropriate consent where required by law. If you believe a child has provided us information improperly, contact us and we will take appropriate steps.

14. Third-Party Links and Services

Our website may contain links to third-party websites, tools, or services. We are not responsible for the privacy, security, or content practices of those third parties. We encourage you to review their policies before sharing information.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date and last updated date. Your continued use of the website or services after changes are posted means you accept the revised policy, to the extent permitted by law.

16. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact:

Change in Entropy Hypnotherapy
2862 Change Street, Unit A
Los Alamos, NM 87544
Email: [email protected]
Phone: (907) 278-1180