Privacy Policy

Effective Date: January 1, 2026
Business Name: Compass Christian Counseling PLLC (“Company,” “we,” “our,” or “us”)
Business Address: 3900 Lakeland Dr., Suite 203A & Suite 203B, Flowood, Mississippi 39232
Phone: (601) 228‑6907
Email: admin@compassccms.com

1) Who We Are and What This Policy Covers

This Privacy Policy explains how we collect, use, disclose, and safeguard information when you interact with:

  • Our website hosted on Squarespace,

  • Our appointment‑scheduling portal at https://compassccms.clientsecure.me,

  • Our SMS messaging system, and

  • Any communication channels we provide.

As a licensed therapy and counseling practice with multiple clinicians, we also maintain a separate HIPAA Notice of Privacy Practices governing how we handle Protected Health Information (PHI). If there is any conflict between this Privacy Policy and the HIPAA Notice regarding PHI, the HIPAA Notice prevails. [hhs.gov]

2) Our Role Under HIPAA (Therapy & Counseling)

Compass Christian Counseling PLLC is a HIPAA‑covered entity when we receive or create PHI in connection with counseling services. We maintain required policies, procedures, workforce training, and Business Associate Agreements (BAAs) with HIPAA‑regulated vendors.

We ask clients not to send PHI through unencrypted website forms or SMS. Standard SMS lacks HIPAA safeguards; secure communication options (e.g., your therapist’s secure messaging, or our clientsecure.me portal) must be used for sensitive content.

Some mental‑health information (such as psychotherapy notes) carries heightened protections.

3) Information We Collect

a) Information You Provide

  • Name, email, phone number, insurance information, and any details submitted via forms, calls, or emails.

  • Appointment requests, client‑portal submissions, or inquiries.

  • Intake information used for clinical services (treated as PHI under HIPAA).

b) Automatically Collected Information (Squarespace Analytics)

Squarespace automatically collects:

  • IP address, browser, device information

  • Pages visited, internal links clicked, scrolling, searches, timestamps

  • Traffic and usage data used to power Squarespace Analytics

c) Cookies & Similar Technologies

We use Squarespace cookies for core site functionality, analytics, performance, and security. Third‑party tools (such as maps, video embeds, connected accounts) may also place cookies. A cookie banner may appear depending on your region.

d) Information from Third‑Party Services

If we embed or connect third‑party tools (maps, videos, social media plugins, payment processors, etc.), they may receive certain technical data about your visit. Your appointment‑scheduling portal (clientsecure.me) may collect data needed to deliver its services under its own privacy and HIPAA compliance terms. 

4) How We Use Information (Non‑PHI)

  • To provide and improve our website and services.

  • To respond to inquiries and schedule appointments.

  • To send operational SMS messages (see Section 5).

  • To comply with law and secure our systems.
    Squarespace may also process technical data as an independent controller for security and service delivery.

Marketing vs. Healthcare Communications

We do not use your PHI for marketing without written authorization. HIPAA strictly limits marketing communications. 

5) Required SMS Messaging Compliance Language

Brand Name: Compass Christian Counseling
Types of Messages: Customer care, public service announcement, and account notification.
Message Frequency Disclosure: Message frequency may vary.
Message and Data Rates May Apply: Standard messaging rates may apply.
Customer Care Contact Information: Text HELP or email admin@compassccms.com.
By providing your phone number, you agree to receive text messages from Compass Christian Counseling for customer care, public service announcement, and account notifications.
Opt‑Out Information: To stop receiving messages, text STOP at any time. From there, you will receive a confirmation message that you have been unsubscribed. After this, you will no longer receive further messages from us unless you opt-in again.

We comply with FCC/TCPA consent and opt‑out standards, including revocation rules and prompt unsubscribe processing.

HIPAA‑sensitive content is not sent via standard SMS. Secure platforms are used for any PHI‑related communication.

6) How We Share Information

We may share information with:

  • Service providers/vendors:
    Squarespace (hosting, analytics), SimplePractice (clientsecure.me portal), secure messaging providers, email/SMS vendors, cloud storage, and other business associates as applicable. Some operate under BAAs when required by HIPAA. 

  • Legal requirements & safety concerns:
    We may disclose information when required by law, court order, or to prevent serious harm, consistent with HIPAA and mental‑health regulations. 

  • Insurance companies:
    If you choose to use insurance (e.g., BlueCross BlueShield, United Health, UMR, Aetna, and others), we may disclose the minimum necessary PHI for billing and authorization purposes, as permitted by HIPAA.

We do not sell personal information or PHI. HIPAA forbids selling PHI without authorization.

7) Data Retention

We retain information as necessary for:

  • Providing services,

  • Meeting legal and ethical record‑keeping obligations, and

  • Complying with HIPAA documentation requirements.
    Clinical records follow HIPAA retention rules; analytics and cookie data follow shorter platform‑defined periods.

8) Your Rights

Website‑Collected Personal Information

You may request access, correction, or deletion by emailing admin@compassccms.com.

PHI (Clinical Records)

HIPAA grants you rights such as requesting:

  • Access to your PHI

  • Amendments

  • Restrictions

  • Accounting of disclosures

Instructions appear in our HIPAA Notice of Privacy Practices.

Cookie Preferences

You can adjust preferences through your browser settings or our cookie banner.

SMS/Email Preferences

Unsubscribe at any time; STOP instructions are honored promptly. 

Mississippi Law

Mississippi generally follows federal HIPAA standards and requires secure handling of health information, proper access controls, and confidentiality protections.

9) Security

We implement safeguards appropriate to the sensitivity of the information, including administrative, technical, and physical controls. PHI is protected through HIPAA‑compliant systems and vendor BAAs where appropriate. 

No method of transmission is 100% secure, but we maintain strong measures to protect your information.

10) Squarespace Hosting & International Visitors

Squarespace may process certain End‑User data (such as IP addresses) as an independent controller for security and platform integrity. Visitors outside the U.S. acknowledge that their data may be processed in the U.S. 

11) Children’s Privacy

Our Site is intended for adults. We do not knowingly collect data from children under 18 without appropriate consent. Therapy services for minors follow HIPAA and Mississippi laws about guardianship and access rights.

12) Third‑Party Links & Embedded Features

External links, maps, videos, scheduling portals, and social media features operate under the privacy policies of their respective providers. 

13) Changes to This Policy

We may update this Policy periodically. The “Effective Date” will always reflect the latest version. Material updates will be posted to this page. 

14) Contact Us

Compass Christian Counseling PLLC
3900 Lakeland Dr., Suite 203A & Suite 203B
Flowood, Mississippi 39232
Phone: (601) 228‑6907
Email: admin@compassccms.com

For HIPAA‑specific requests, please see our HIPAA Notice of Privacy Practices.