Recovered.org Privacy Policy and Notice of Collection
Updated: 7th July 2026
Privacy Policy
This Privacy Policy (the “Privacy Policy”) describes Recovered.org’s policies on the collection, use, and disclosure of information about you as an individual user of our Website, which provides educational resources regarding mental health services and directory assistance for those services (collectively, the “Service”). For Business Providers of the Service, our Business Provider Notice of Collection, Terms of Use & Privacy Policy applies instead. The terms “We”, “Us”, “Our”, “the Website” and “Recovered.org” refer to the Website, which is owned and run by JBKM Ltd., a limited liability company based in London, England. Recovered.org is considered the “controller” of your personal data as that term is defined by applicable data privacy laws and regulations. When you use the Service, you consent to our collection, use, transfer, manipulation, disclosure, and other use of information about you as described in this Privacy Policy. Among other things, the Service provides you, the individual user, with the opportunity to review educational materials related to mental health. In addition, the Website displays advertised information on products and services offered by certain mental health and therapy providers (each such provider, a “Business Provider”) and the Service can connect you with providers and clinics directly. Some Business Providers may have entered into agreements with Recovered.org to be highlighted through the Service, but these Business Providers are independent of Recovered.org and are not our employees or agents. Recovered.org does not in any way endorse, sponsor, or recommend any particular Business Provider, including any Business Provider that may be highlighted through, or on, the Service.
We may update this Privacy Policy, including changing data practices from time-to-time to make improvements in the Service and for compliance with regulations and laws. Any updates shall be reflected in the date of the policy being revised and posted above. We encourage you to review this Privacy Policy regularly to stay informed about our information practices and choices available to you.
TABLE OF CONTENTS
Categories of Information We Collect, Sources of Data Collection, Purpose of the Data, How We Use Data
Advertising and Analytics; Tracking Technologies
Third Party Sharing and/or Sale
Data Retention
Children
Security
European Users
Modifications to This Privacy Policy
Data Privacy Rights
Additional State Disclosures
We are Not a HIPAA Covered Entity or Business Associate
Disclaimers and Indemnity
Contact Information
1. CATEGORIES OF INFORMATION WE COLLECT, SOURCES OF DATA COLLECTION, PURPOSE OF THE DATA, AND HOW WE USE DATA
The information we collect will vary based on how you use and interact with our Service. If you are solely browsing the website, we generally collect, process, and store non-identifying, aggregate data on usage of the Website. If you click on our helpline number, your originating phone number is collected along with your general location in relation to the area code provided and the duration of your call, so that we may direct your call to a relevant provider. If you use our contact function to send information to a provider, we may collect your name, email, phone number, location, and the content of the message you provide if you use and input that information into our contact form. We use this information to fulfill your requests at your direction, such as routing you to a Business Provider within your geographic area. Where you contact Recovered.org directly, we use the information you provide to respond to your inquiry, provide support, and administer the Service. We also use the data collected to ensure the Service’s functionality, improve the Service’s quality, track usage of the Service, provide feedback to Business Providers that are listed on the Service, market the Service, provide customer support, back up our systems and allow for disaster recovery, monitor and enhance the security of the Service, and to comply with legal obligations. We do not use automated decision-making that produces legal or similarly significant effects.
Categories of information we have collected in the past 12 months, sources of data, purpose and how it is used:
Identifiers and Personal Information with use of the Helpline: we collect your phone number when you click or dial a phone number through the Website in order to route your call to a Business Provider or clinic, general location, connectivity status, and the length of the call. Your general location in a particular state is inferred from the area code that is collected. If you call a Business Provider directly (without use of the Website), we do not collect or have access to that information. The source of the data comes from you and your device which you have used for the Services.
Identifiers and Health Data (if provided): Name, email, phone number, location, communications, messages and/or reviews. When you use our contact form we collect this information in order to share it with a clinic or Business Provider. We do not collect this information unless you provide it to us, and we do not otherwise share that information except at your request for the Service, such as to be connected to a Business Provider or clinic. If you provide personal health information or other sensitive data, we do not use that information for secondary purposes without consent or as otherwise permitted by law. We will process and store whatever data you have input into our contact form. To the extent that sensitive data may be indirectly associated with you based on where your call is routed, it is solely done so at your direction. If you submit Rehab Reviews, your ratings, reviews, and comments, may be displayed as public content through the Service. Further, we do not restrict information that is already public through other means/channels. The source of this data comes from you and your device which you have used for the Services.
Technical and Usage Information: When you access or interact with the Service, certain technical and usage information is generated automatically. This information helps us operate the Website, understand how visitors use the Service, maintain security, and improve the functionality and performance of the Service.
Usage and analytics information: We collect limited information about how visitors interact with the Website in order to understand general patterns of use and improve the Service. This information may include pages viewed, links clicked, search activity on the Website, referring website or source, browser type and version, device type and operating system, timestamps of visits, duration of visit, aggregated interactions, and approximate geographic region. This information is used primarily in aggregated or statistical form to analyze how the Service is used.
Network and infrastructure information: When you access the Website, certain network and connection information may also be processed by the infrastructure and security services that help us operate and protect the Website. This includes bot-detection and anti-abuse technologies which prevent fraud, detect malicious activity, protect against unauthorized access and to comply with legal requirements. These technologies may collect your IP address, approximate geographic region derived from IP address, browser and device characteristics, network connection data, request headers, security signals for suspicious or automated traffic, and request metadata such as page requests and timestamps. This information is processed for purposes such as delivering web pages, maintaining system security, detecting malicious traffic, and ensuring the reliability of the Service. The source of this information is the technical data transmitted automatically by your device or browser when connecting to the Website or its supporting infrastructure.
2. ADVERTISING AND ANALYTICS
We use certain technologies that monitor usage of the site and which detect general usage information, security threats, issues with Website functionality, for the purpose of analyzing the functionality of the Services and analyzing how the Services are used for purposes of improving the Service. In addition, we may use your general geographic region based on your IP address to display sponsored, featured, or promoted Business Provider listings that are relevant to your general location, or based on the context of your searches on the Website.
3. THIRD PARTIES SHARING AND/OR SALE
We do not engage in: (a) targeted advertising, (b) the sale of personal data, or (c) profiling in furtherance of decisions that produce legal or similarly significant effects. We solely provide your data to third parties to provide the Services as requested and initiated by you, so that you may interact with these third parties and we can fulfill that request. We also will provide data as needed for compliance with laws and regulations. Third parties consist of our Business Providers, clinics with publicly listed contact information, and Service Providers. These third parties may receive information about you as follows:
Business Providers and Clinics: When you request to be connected with one of the Business Providers or other clinics or services through the site, we will share the information you provide to us, at your request. By use of our contact functionality through the Services, you are consenting to the collection of the data you are providing (as detailed above) and requesting that we share that information you have provided.
Helpline Calls: We use a third-party service provider, currently, Ringba.com (“Helpline Partner”) to monitor, listen to, forward, track and measure all calls to our advertising-supported helpline for quality assurance and reporting purposes. The originating phone number and length of the call are recorded by, encrypted, saved and stored with our Helpline Partner. Please note that even if a Business Provider has provided its own phone number, we will still use our Helpline Partner to monitor, forward, track and measure all such calls. A copy of the call details would be stored within our Helpline Partner account, which we have access to, and at the Service Provider’s designated repository for aggregating such calls.
Third parties may be able to associate the information they collect with other information they have about you from other sources, such as public information connected to your phone number or other data that you provide us to share with these third parties. This Privacy Policy does not apply to information collected by anyone other than us (even if related to our business). We do not collect information from other sources to combine with the personal data you have provided to us.
Aggregate Information: We may share user information in the aggregate (i.e., non-personal form) with third parties, such as advertisers, Business Providers and content distributors. For example, we may disclose the number of users that have been exposed to, or clicked on, Business Provider profiles or that have clicked on our Helpline numbers. This information is solely shared in an aggregate, anonymized format.
Business Transfers: We may share information from or about the site in an aggregate, non-personal format with our parent company, subsidiaries, joint ventures, or other companies under common control, in which case we will require them to honor this Privacy Policy. If another company acquires us or all or substantially all of our assets through a merger, acquisition, bankruptcy or liquidation, all personal and non-personal information collected on and through the Service shall be considered our assets and subject to transfer to such other company, in which case that company will assume the rights and obligations with respect to that information as described in this Privacy Policy.
Investigations: We may investigate and disclose information from or about You if we have a good faith belief that such investigation or disclosure: (a) is reasonably necessary to comply with legal process and law enforcement instructions and orders, such as a search warrant, subpoena, statute, judicial proceeding, or other legal process served on us; (b) is helpful to prevent, investigate, or identify possible wrongdoing in connection with the Service; or (c) protects our rights, reputation, property, or that of our users, affiliates, or the public. If you flag or otherwise complain to us about content through the Service, we may share the substance of your complaint with the contributor of that content in order to provide an opportunity for the contributor to review.
Links: The Service contains links to unaffiliated third-party services. Except as set forth herein, we do not share your personal information with them, and are not responsible for their privacy practices. We suggest you read the privacy policies applicable to all such third-party services.
4. DATA RETENTION
We may retain information about you for the purposes described in this Privacy Policy unless prohibited by law, and only for so long as is reasonably necessary. For example, we may retain information to prevent, investigate, or identify possible wrongdoing in connection with the Service or to comply with legal obligations. We may retain personal data to fulfill the purposes described in this Privacy Policy, including to comply with legal, accounting, or reporting obligations, resolve disputes, and enforce agreements. Retention periods vary based on data type and purpose. Criteria considered include: the volume, nature, and sensitivity of the data; potential risk of harm from unauthorized use or disclosure; the purposes for which we process the data; and applicable legal requirements, that vary by state.
5. CHILDREN
The Service is intended for general adult audiences and is not intended for nor directed to children under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information without parental consent, please contact us at info@recovered.org. If we become aware that a child under 16 has provided us with personal information without parental consent, we will take steps to remove such information.
6. SECURITY
We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet or via mobile device, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. We cannot guarantee the privacy or security of your information or any voice or data transmissions, as third parties may unlawfully intercept or access transmissions or electronic storage. Further, we are not responsible for circumvention of any privacy settings or security measures of our Service. Therefore, you use our Service at your own risk. You should not expect that your information or voice or data transmissions will always remain private, and we do not guarantee the performance or adequacy of our privacy settings or security measures. In the event that an unauthorized third party compromises our security measures, we will not be responsible for any damages, directly or indirectly, caused by an unauthorized third party’s ability to view, use or disseminate your information.
7. EUROPEAN USERS
For users residing in the European Union, please note that our Service is intended for use only by U.S. residents and U.S.-based mental health, rehabilitation, and therapy service providers and any information we may obtain from or about you through your use of the website, may be transferred, processed and stored outside of the E.U. for the purposes described in this Privacy Policy, including in the United States of America. We disclaim any warranty or representation that the level of data protection we employ will be in accordance with E.U. standards. If you would like additional information about your personal data and its use in connection with this Service, including correcting any incorrect information, or deleting your information please contact us at info@recovered.org.
8. MODIFICATIONS TO THIS PRIVACY POLICY
We may revise this Privacy Policy from time to time, in Our sole discretion and without notice. The most current version of the Privacy Policy will govern Our collection, use, and disclosure of information about You. Any amendments or changes will take effect immediately upon posting such updates. We will not collect additional categories of Personal Information or use the Personal Information we collect for materially different, unrelated, or incompatible purposes without updating and modifying this Privacy Policy, prior to implementing any changes to our collection practices. As we do not keep your contact data for purposes of contacting you, we do not have a method of providing notice of changes. You must review this Privacy Policy in order to remain up-to-date on our privacy practices. By continuing to access or use the Service after those changes become effective, you agree to the revised Privacy Policy.
9. DATA PRIVACY RIGHTS:
You have certain general rights under various state laws to access and control your personal data.
You have the following rights subject to us verifying your identity for your request(s):
Right to Disclosure. You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months, such as:
the categories of Personal Information we have collected about you.
the categories of sources for the Personal Information we have collected about you.
our business or commercial purpose for collecting or selling that Personal Information.
the categories of third parties with whom we share that Personal Information.
if we sold or disclosed your Personal Information for a business purpose, two separate lists disclosing (i) sales, identifying the Personal Information categories that each category of recipient purchased; and (ii) disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained
Right to Access. You have the right to request that we provide you with information about any third parties with whom your health data has been shared over the past 12 months. If you submit a right to access request, we will provide you with information about who your data has been shared with in a readily usable format. Please note that we are prohibited by law from disclosing copies of certain pieces of Personal Information (e.g., government identification numbers, financial account information, and passwords or security questions and answers) because the disclosure would create a substantial, articulable, and unreasonable risk to the security of the information, our business systems, or your account. We also do not collect that information.
Right to Deletion. You have the right to request that we delete any of your Personal Information that we collected from you and retained, with certain exceptions. We may permanently delete, deidentify, or aggregate the Personal Information in response to a request for deletion. If you submit a right to deletion request, we will confirm the Personal Information to be deleted prior to its deletion, and we will notify you when your request is complete.
Right to Correct. You have the right to request that we correct inaccuracies in your personal data, taking into account the nature of the data and the purposes of processing.
Process for Making a Data Request/How to Exercise Your Data Rights:
Submit a verifiable consumer data privacy request by email at: info@recovered.org
Your privacy request must be capable of being verified. This is to ensure your privacy and that we are not providing data to someone who is not you. We cannot respond to your request or provide you with Personal Information unless we can verify your identity and your authority to make the request and confirm that the Personal Information relates to you. A verifiable consumer privacy request must provide sufficient information that allows us to reasonably verify you are the person about whom we have collected Personal Information or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. You do not have to sign up for an account with us to make a verifiable consumer privacy request. We will only use Personal Information provided in the privacy request to verify your identity or authority to make the request.
If you wish to have an Authorized Agent make a verifiable consumer request on your behalf, they will need to provide us with sufficient written proof that you have designated them as your Authorized Agent, and we will still require you to provide sufficient information to allow us to reasonably verify that you are the person about whom we collected Personal Information.
We endeavor to respond to a verifiable consumer request within 45 days of receipt. If we require more time, we will notify you in writing of the reason and extension period, up to an additional 45 days. We will deliver our written response through the same method you made the request. For example, if you submitted through email, we will respond to the email the request originated from. Any disclosures we provide will only cover the 12-month period preceding receipt of the verifiable consumer request. If we cannot comply with part or all of your request, we will explain the reasons in our response.
We are only required to respond to two access and disclosure requests within a 12-month period. We do not charge a fee to process or respond to your verifiable consumer privacy request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Nondiscrimination. We will not discriminate or retaliate against you for exercising any of your data rights. Unless permitted by law, we will not do any of the following as a result of your having exercised your rights:
deny you goods or services.
charge you different prices or rates for goods or services, including through granting discounts or other benefits or imposing penalties.
provide you a different level or quality of goods or services.
suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Right to Appeal. If we deny your data request, you have the right to appeal our decision. The process is the same as submitting a data privacy request.
Submit a verifiable consumer data privacy request to appeal by email at: info@recovered.org. We must be able to verify the request and the actions previously taken on your data request. You will need to describe what you are appealing with sufficient detail that allows us to properly understand, evaluate, and respond to your request.
We endeavor to respond to a verifiable consumer request for appeal of a data decision within 45 days of receipt. If we require more time, we will notify you in writing of the reason and extension period, up to an additional 45 days. We will deliver our written response through the same method that you made the request. We will provide a decision on your appeal and if any actions will be taken or not, as well as the reason for the decision on your appeal. You may have additional rights under your state laws. With any appeal, if we do not take the action that you requested, we will inform you of the contact information for the state agency or office to contact with your issue.
10. ADDITIONAL STATE DISCLOSURES
California. California Civil Code sections 1798.83-1798.84 (the Shine the Light Act) entitles California residents to request disclosure regarding Personal Information sharing with affiliates and/or third parties for direct marketing purposes. As indicated above, we do not sell or share your Personal Information as that term is defined, for any direct marketing purposes. The information you have provided to us is solely to deliver the Services as You’ve requested. Your use of any third party services which you may have learned of through this site will have their own privacy policies which may differ from ours.
Colorado. Colorado residents may contact the Colorado Department of Law, Office of the Attorney General, at https://coag.gov/ regarding concerns.
Nevada: We only “share” your health data if you have provided it to us as part of your request to use our Services. We do not “Sell” any of your health data as that term is defined by NRS 603A.475, as we only provide your health data at your request to use our Services, and at your direction.
Texas. You may contact the Texas Attorney General for more information on your data privacy rights at https://www.texasattorneygeneral.gov/.
Utah. You may contact the Utah Attorney General or the Utah Division of Consumer Protection for more information at: https://dcp.utah.gov/
Washington. The following additional terms solely apply to residents of the state of Washington. Any “Consumer Health Data” as that term is defined in RCW 19.373.010(8), is solely collected based on your consent to receive the Services through our Website. By clicking on our Helpline links, you have consented to collection of your phone number which may be indirectly associated with Consumer Health Data and to sharing of that data so that Services can be provided by routing your call to a Business Provider or clinic. If you do not want your phone number collected, and potentially have it associated with Consumer Health Data, do not click on the Helpline phone numbers on the Website. You may call providers and clinics directly, in which case you are subject to their collection and privacy practices. Once the information has been shared with a Business Provider or Service Providers, that information becomes subject to the Business Providers or Service Providers privacy policies. We do not have control over third party providers use of your personal data.
11. NOT A HIPAA COVERED ENTITY OR BUSINESS ASSOCIATE
Recovered.org is not a “covered entity” as that term is defined under HIPAA. We are not a provider of medical services in any way, and we do not provide medical services, treatment, diagnoses, insurance, prescriptions, or health plans, and we are not a health care clearinghouse. Recovered.org is also not a “business associate” of the Business Providers or other providers that may appear on our Services. We do not provide case management and do not coordinate your care or insurance with any providers or clinics. We are not a vendor of any medical provider’s organizations or services. Our Services are merely educational and meant to provide directory assistance, at your direction and based on your request(s), to a health care provider that may or may not be able to provide services relevant to your needs. To the extent you provide us your protected health information to facilitate this directory assistance, we are merely a conduit to those medical providers. If you have revealed any personal information, including your personal health information, you may exercise your privacy rights regarding personal information as indicated in this Policy.
Please review the privacy practices and notice of any provider you may be directed to so that you may be informed and make informed decisions about your privacy rights.
12. DISCLAIMERS AND INDEMNITY
This website does not provide medical advice or treatment. The information provided through the Services are for general educational/information purposes only and are not a substitute for professional medical diagnosis, treatment, or advice. These Services are not an attempt to practice medicine or provide specific medical or therapeutic advice, and the Services should not be used to diagnose or overrule a qualified health care provider’s judgment. These Services do not provide emergency services. Please consult a doctor or qualified licensed professional for your health concerns. While we take your privacy seriously and do not share your health information without your consent or direction, there is no doctor-patient confidentiality from use of these Services. By use of these services, you consent to these terms. Some of the information provided on this site is written by health care providers and other outside sources. The content is not complete or exhaustive and may not be applicable to any specific medical condition. We assume no duty to correct or update the website, nor to resolve or clarify any inconsistent information that might be part of the Services. We disclaim any warranty concerning the accuracy, timeliness and completeness of the Services, and any other warranty, express or implied, including warranties of merchantability or fitness for a particular purpose. We reserve the right to temporarily or permanently discontinue this Website and the Services.
You assume full responsibility for using the Services and you understand and agree that Recovered.org is not responsible or liable for any claim, loss, or damage resulting from its use by you or any user. We do not and cannot warrant that access to the site will be error or virus-free and we cannot guarantee against unauthorized users or hackers attempting to obtain access to this website.
13. CONTACT INFORMATION
If you have any questions about this Privacy Policy, you may contact us at:
Recovered.org
Attn: Privacy Policy Request
224 West 35th Street
New York, NY 10001
Email: info@recovered.org