Privacy Policy

Last updated: May 2026

1. What we collect

When you use the site, we collect what you give us directly:

  • Account info — email, full name, optional phone, and a password (stored hashed with Argon2id, never in plain text).
  • Booking info — the service you booked, the time, your preferred modality (in-person / video / phone / proxy), and any notes you add.
  • Intake form — the optional health-history fields you fill out before sessions (date of birth, current concerns, medications, prior energy work, goals, emergency contact). These are visible only to Diana.
  • Session notes — Diana's observations and the list of trapped emotions released during your sessions. Visible only to Diana.
  • Messages — anything you send through the contact form or the in-app inbox.

We also collect a small amount of usage data automatically through PostHog (page views, clicks, error reports) to understand how the site is being used and what's broken. PostHog is configured to honor Do Not Track and to redact form contents.

2. How we use it

  • To run the booking system, send confirmations, and remind you of upcoming sessions.
  • To let Diana provide personalized session work and follow-ups.
  • To send password resets and other transactional email you ask for.
  • To debug issues and improve the site (aggregated, never sold).
  • To meet legal or financial recordkeeping requirements.

We do not use your information for advertising. We do not sell or rent personal data to anyone, ever.

3. Who processes your data on our behalf

We use a small number of vendors to actually run the site. Each is bound by their own privacy terms:

  • Neon (Postgres database hosting) — stores account, booking, intake, and session-note data. Encrypted at rest and in transit.
  • Render (API hosting) — runs the backend that handles bookings and authentication.
  • Cloudflare Pages (frontend hosting) — serves the website you're on right now.
  • Resend (transactional email) — sends booking confirmations, password resets, and contact-form notifications.
  • PostHog (product analytics) — collects anonymized usage events.

4. How we keep it safe

  • All traffic is HTTPS-only with HSTS enabled.
  • Passwords are hashed with Argon2id before storage.
  • Database connections use TLS encryption.
  • Session notes and intake data are visible only to Diana and only when she's logged in to her dashboard.
  • Rate limiting and request validation protect against brute-force and injection attacks.

No system is perfect. If a breach happens that affects you, we'll let you know as soon as we reasonably can.

5. How long we keep it

  • Account data: while your account is active. You can request deletion anytime (see Section 6).
  • Session notes: typically retained for the duration of our practitioner-client relationship and a reasonable period after, in line with general bodywork standards.
  • Booking and payment records: kept as long as needed for tax and recordkeeping requirements.
  • Analytics events: kept no longer than necessary to understand site usage.

6. Your rights

You can ask us to:

  • Show you everything we have about you (right of access).
  • Correct anything that's wrong (right to rectification).
  • Delete your account and personal data (right to erasure) — except records we're legally required to keep.
  • Export your data in a portable format (right to portability).
  • Stop using your data for analytics (right to object).

Email diana@dianaheals.com with your request and we'll respond as quickly as we reasonably can — typically within a few weeks.

7. Cookies

We use a small number of cookies and localStorage entries: a session token (so you don't have to sign in on every page), a PostHog anonymous ID, and a remembered preference for which dashboard tab you had open. We do not use third-party advertising cookies.

8. Children

The Service is intended for adults (18+). We don't knowingly collect personal information from children. If you're a parent and believe your child has signed up, email diana@dianaheals.com and we'll delete the account.

9. Changes to this policy

We'll update this page when something material changes — new vendor, new data type collected, new retention rule. The "last updated" date at the top will reflect the change. Material changes will also be emailed to active account holders.

10. Contact

Privacy questions, requests, or concerns:

Diana Heals

Email: diana@dianaheals.com