PRIVACY POLICY

Grit Physical Therapy and Performance (“Grit,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website, use our online services, or interact with us in person.

Please read this Privacy Policy carefully. By using our website or services, you agree to the collection and use of information in accordance with this policy.

1. Who We Are

Grit Physical Therapy and Performance is a physical therapy and performance clinic located in Richmond, Virginia.

Grit Physical Therapy and Performance
3001 E Parham Rd
Richmond, VA 23228
United States
Phone: (804) 929-8060
Email: gabby@gritptandperformance.com
Website: https://www.gritptandperformance.com/

2. Scope of This Policy

This Privacy Policy applies to information we collect:

  • Through our website https://www.gritptandperformance.com/ (the “Site”);
  • Through online forms, scheduling tools, or contact submissions;
  • Through email, phone, and other electronic communications with you;
  • In person at our clinic.

This Policy does not apply to information collected by:

  • Any third-party websites or services that may link to or be linked from our Site;
  • Any third-party platforms you use to access our services (such as separate scheduling, telehealth, or payment tools), which have their own privacy policies.

3. Information We Collect

3.1 Information You Provide Directly

We may collect information that you choose to provide, such as:

  • Contact information
    Name, email address, phone number, mailing address, and other details you provide when you contact us or request services.
  • Appointment and intake information
    Preferred appointment dates/times, availability, and any notes you include in registration or intake forms.
  • Health-related information
    Information related to your condition, symptoms, medical history, prior treatment, and goals that you share with us as part of evaluating and delivering care.
  • Billing and payment information
    Payment card details and related billing information, which may be processed via third-party payment providers.
  • Communications
    Information contained in emails, messages, or other communications you send to us, including feedback or responses to surveys.
  • Marketing preferences
    Information you provide when you sign up for newsletters, updates, or other marketing communications.

3.2 Information Collected Automatically

When you visit our Site, we and our service providers may automatically collect certain information using cookies and similar technologies, including:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Referring and exit pages
  • Pages viewed and links clicked
  • Date, time, and duration of visits
  • General location based on IP address

This information helps us understand how visitors use our Site and improve its performance and content.

3.3 Information from Third Parties

We may receive information about you from third parties, such as:

  • Referring healthcare providers or professionals;
  • Third-party scheduling, telehealth, or payment platforms;
  • Marketing or analytics partners.

We handle this information in accordance with this Privacy Policy and applicable laws.

4. How We Use Your Information

We may use the information we collect for purposes including:

  • Providing care and services
    Evaluating your condition, planning and delivering physical therapy and performance services, and coordinating care.
  • Scheduling and managing appointments
    Processing booking requests, sending confirmations and reminders, and communicating schedule changes.
  • Communicating with you
    Responding to inquiries, sending administrative messages, and providing updates related to your care or our services.
  • Marketing and promotions
    Sending newsletters, educational content, and information about events, offers, or services, where permitted by law. You may opt out at any time.
  • Operating and improving our Site
    Monitoring usage, troubleshooting issues, and enhancing user experience and functionality.
  • Security and fraud prevention
    Protecting the security and integrity of our systems and data, and preventing, detecting, or investigating fraud or other unlawful activity.
  • Legal and compliance purposes
    Complying with legal and regulatory requirements, responding to lawful requests, and enforcing our policies and agreements.
  • Any other purpose with your consent.

5. Health Information and HIPAA

Some of the information we collect and maintain in the course of providing physical therapy services may be considered Protected Health Information (“PHI”) under the Health Insurance Portability and Accountability Act (“HIPAA”) and applicable state laws.

When we act as a healthcare provider:

  • We use and disclose PHI in accordance with our Notice of Privacy Practices, which describes how we may use and disclose PHI for treatment, payment, and healthcare operations, as well as your rights with respect to your PHI.
  • If there is any conflict between this Privacy Policy and our HIPAA Notice of Privacy Practices, the HIPAA Notice of Privacy Practices will govern with respect to PHI.

You may request a copy of our Notice of Privacy Practices by contacting us using the information in Section 15.

6. How We Share Your Information

We do not sell your personal information.

We may share your information with:

  • Service providers
    Third parties that perform services on our behalf, such as website hosting, IT support, analytics providers, email and marketing services, and payment processors. These providers may only use your information as necessary to perform services for us.
  • Healthcare professionals and partners
    Referring providers, other healthcare professionals, or entities involved in your care, as permitted by HIPAA and applicable law.
  • Professional advisors
    Attorneys, accountants, and other professional advisors who require access to such information to provide services to us.
  • Legal and safety purposes
    When we believe in good faith that disclosure is necessary to comply with applicable law, regulation, legal process, or governmental request; to protect the safety, rights, or property of you, us, or others; or to investigate suspected or actual illegal activity or violations of our policies.
  • Business transfers
    In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction, subject to continued protection consistent with this Policy.

PHI is shared only in accordance with HIPAA and other applicable privacy laws.

7. Cookies and Similar Technologies

We and our service providers may use cookies and similar technologies to:

  • Recognize your browser or device;
  • Remember your preferences;
  • Analyze Site traffic and usage patterns;
  • Improve Site performance and content.

You can typically configure your browser to refuse cookies or alert you when cookies are being sent. If you disable cookies, some parts of the Site may not function properly.

If we use specific analytics or advertising tools (such as Google Analytics or social media pixels), additional information and opt-out options may be included in a future update of this Policy or in a cookie notice.

8. Email and Text Communications

We may use your contact information to send:

  • Appointment confirmations and reminders;
  • Important notices related to your care or our services;
  • Educational or marketing communications, if you have opted in or where otherwise permitted.

You can opt out of marketing-related emails by following the unsubscribe instructions in those messages or by contacting us directly. Opting out of marketing messages does not affect essential communications about your care, appointments, or other transactional messages.

If we implement SMS/text messaging in the future (for example, for appointment reminders), we will do so in accordance with applicable laws and, where required, your consent. Standard message and data rates may apply.

9. Data Security

We use reasonable physical, technical, and administrative safeguards to help protect your personal information from unauthorized access, use, or disclosure. These measures may include:

  • Restricted access to systems and records;
  • Use of secure systems and passwords;
  • Use of reputable third-party service providers for hosting and payment processing.

However, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security.

10. Data Retention

We retain personal information for as long as necessary to:

  • Provide services and maintain our relationship with you;
  • Meet legal, regulatory, and professional obligations (including medical record retention requirements);
  • Resolve disputes and enforce our agreements.

Retention periods may vary depending on the type of information and applicable laws in Virginia and other jurisdictions.

11. Children’s Privacy

Our services may be used by youth and adolescent athletes, but our Site is not intended to collect personal information directly from children under 13 years of age without the consent of a parent or legal guardian.

  • If you are a parent or guardian and believe your child has provided personal information online without your consent, please contact us using the information in Section 15.
  • We will take appropriate steps to review and, where required, delete such information.

Clinical records for minor patients are created and maintained in accordance with HIPAA and applicable state law, typically with the involvement of a parent or legal guardian.

12. Your Privacy Rights

Depending on your place of residence, you may have certain rights regarding your personal information, which may include the right to:

  • Access your personal information;
  • Correct inaccurate or incomplete information;
  • Request deletion of certain personal information, subject to legal and medical record-keeping requirements;
  • Restrict or object to certain processing activities;
  • Opt out of marketing communications.

To exercise these rights, please contact us using the information in Section 15. We may ask you to verify your identity before responding to your request. We may not be able to fulfill certain requests where we are required to retain information by law (for example, medical records or financial records).

For rights specifically regarding your PHI (such as access to medical records or requests to amend them), please refer to our HIPAA Notice of Privacy Practices.

13. Third-Party Websites and Services

Our Site may contain links to third-party websites, platforms, or services that are not operated or controlled by Grit Physical Therapy and Performance. We are not responsible for the privacy practices or content of those third parties.

We encourage you to review the privacy policies of any third-party sites or services you use.

14. Contact Us

If you have any questions about this Privacy Policy, our privacy practices, or your rights, please contact us at:

Grit Physical Therapy and Performance
3001 E Parham Rd
Richmond, VA 23228
Phone: (804) 929-8060
Email: gabby@gritptandperformance.com
Website: https://www.gritptandperformance.com/