Privacy Policy
Last Updated: February 8, 2025
Step by Step Chiropractic, Massage, and Skin Care ("we," "us," or "our") is committed to protecting the privacy and security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.stepbystepmassage.com or use our chiropractic, massage, skin care, and body therapy services.
1. Information We Collect
Personal Information
When you book an appointment, fill out a contact form, or complete an intake form, we may collect:
- Full name
- Email address
- Phone number
- Mailing address
- Date of birth
- Payment information (processed securely; we do not store card numbers)
Health Information
To provide safe and effective treatment, we collect health-related information through our intake forms, including:
- Current health conditions and symptoms
- Medical history and past surgeries
- Medications, supplements, and allergies
- Pregnancy status
- Areas of pain or concern
- Emergency contact information
- Referring physician information
Website Usage Information
When you visit our website, we may automatically collect:
- IP address and browser type
- Pages visited and time spent on pages
- Referring website
- Device type and operating system
2. How We Use Your Information
We use the information we collect for the following purposes:
- Providing services: To schedule appointments, deliver chiropractic, massage, skin care, and body therapy treatments, and tailor care to your individual needs.
- Health & safety: To assess contraindications, ensure treatment safety, and maintain accurate client records.
- Communication: To send appointment confirmations, reminders, and follow-up care instructions, and to respond to your inquiries.
- Payments: To process deposits and payments for services rendered.
- Promotions: To send promotional offers, new service announcements, or newsletters (only with your consent; you may opt out at any time).
- Website improvement: To analyze website traffic, improve user experience, and optimize our services.
- Legal compliance: To comply with applicable laws, regulations, and professional licensing requirements.
3. Health Information & Privacy
We take the privacy of your health information seriously. While chiropractic and massage therapy practices are not always classified as HIPAA-covered entities, we voluntarily follow industry best practices for protecting health information:
- Your health and treatment records are kept confidential and are accessible only to the practitioners directly involved in your care.
- We will not share your health information with third parties without your written consent, except as required by law.
- You have the right to request access to your treatment records and to request corrections to any inaccurate information.
- Intake forms and treatment notes are stored securely with access restricted to authorized personnel.
4. Cookies & Analytics
Our website uses cookies and similar technologies to enhance your browsing experience and analyze website traffic.
Google Analytics 4
We use Google Analytics 4 with Consent Mode v2 to understand how visitors interact with our website. This includes tracking page views, button clicks, and form submissions. We have configured GA4 with:
- IP anonymization enabled
- No advertising or personalization signals
- No cross-site tracking
Your Cookie Choices
When you first visit our website, you will see a cookie consent banner. Performance cookies (including analytics) are enabled by default under our opt-out model, which is compliant with the California Consumer Privacy Act (CCPA) for US-based businesses. You may disable performance cookies at any time through the cookie preferences banner. Even when cookies are disabled, Google Analytics may still receive anonymized, cookieless signals for behavioral modeling.
5. Information Sharing & Disclosure
We do not sell, trade, or rent your personal or health information to third parties. We may share your information only in the following circumstances:
- Service providers: With trusted third-party services that help us operate our business (e.g., payment processors, appointment scheduling systems, email services). These providers are contractually obligated to protect your data.
- Legal requirements: When required by law, subpoena, or court order, or to protect our rights, safety, or property.
- Referrals: With other healthcare providers only with your explicit written consent (e.g., sharing treatment notes with your physician).
- Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
6. Data Security
We implement reasonable administrative, technical, and physical safeguards to protect your information, including:
- SSL/TLS encryption for all website data transmission
- Secure payment processing (we never store credit card numbers)
- Access controls limiting data access to authorized staff
- Regular review of security practices
While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
7. Data Retention
We retain your personal and health information for as long as necessary to provide services, comply with legal obligations, and resolve disputes. Health and treatment records are retained in accordance with Georgia professional licensing board requirements (typically a minimum of 7 years for chiropractic records and 6 years for massage therapy records). You may request deletion of your data subject to legal retention requirements.
8. Your Rights
Depending on your location, you may have the following rights regarding your personal information:
California Residents (CCPA)
- Right to know what personal information we collect and how it is used
- Right to request deletion of your personal information
- Right to opt out of the sale of personal information (we do not sell your data)
- Right to non-discrimination for exercising your privacy rights
All Clients
- Access your treatment records and personal information
- Request corrections to inaccurate information
- Opt out of marketing communications at any time
- Withdraw consent for non-essential data processing
- Disable analytics cookies via our cookie preferences banner
To exercise any of these rights, please contact us using the information below.
9. Children's Privacy
Our website is not directed to children under 13. We do not knowingly collect personal information from children under 13 through our website. For minors under 18 who receive in-person services, a parent or legal guardian must provide consent and be present during treatment. Health information for minors is maintained with the same security standards as adult records.
10. Third-Party Links
Our website may contain links to third-party websites (e.g., Google Maps, Facebook, Yelp, Google Reviews). We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.
11. SMS & Email Communications
If you opt in to SMS or email notifications during booking, you consent to receiving appointment confirmations, reminders, and occasional promotional messages. You may opt out at any time by replying STOP to any SMS message or clicking the unsubscribe link in any email. Standard messaging rates may apply.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. Changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.
13. Contact Us
If you have questions about this Privacy Policy, wish to exercise your privacy rights, or want to file a complaint, please contact us:
Step by Step Chiropractic, Massage, and Skin Care
4825 Atlanta Hwy, Suite 1000, Alpharetta, GA 30004
Phone: (770) 363-3193