Legal

Privacy Policy

Effective May 9, 2026

Introduction

Soft Roots Healing (“we,” “our,” or “us”) is operated by Eliesha Rajaram, LCSW. This Privacy Policy explains how we collect, use, and protect information gathered through this website (softrootshealing.org).

This policy governs data collected through this website only. If you become a client, your clinical health information is governed by separate HIPAA-compliant privacy practices provided through Alma, the platform through which our clinical practice operates.

Important Notice

This website, including the contact form and email, is not a HIPAA-secure channel. Please do not include sensitive health information (diagnoses, medications, symptoms, or trauma details) in any messages sent through this website. Secure communication is available through the Alma client portal once a therapeutic relationship is established.

Contacting us through this website does not create a therapist-client relationship.

Waitlist submissions are stored in our Cloudflare-hosted website database and may trigger an administrative email notification through Resend.

Information We Collect

Information You Provide

  • Name, email address, and any information you provide when you use our contact or waitlist form
  • Any other information you choose to share in correspondence

Information Collected Automatically

  • Device and browser information, IP address, pages visited, and referring URLs through server logs
  • Aggregate website usage data through Google Analytics and Microsoft Clarity (see “Analytics & Cookies” below)
  • Security-related data processed by Cloudflare, our infrastructure provider, including cookies set for bot protection

How We Use Your Information

  • To respond to your inquiries and schedule consultations
  • To improve our website content and functionality
  • To comply with legal obligations

We do not sell, rent, or share your personal information with third parties for marketing purposes. We do not use advertising networks on this website.

Analytics & Cookies

This website uses Google Analytics to understand how visitors interact with our site. Google Analytics collects information such as pages visited, time on site, and general location data. This data is aggregated and does not identify you personally. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

This website also uses Microsoft Clarity to understand how visitors use and interact with our site through behavioral metrics, heatmaps, and session replay. Website usage data may be captured using first- and third-party cookies and other tracking technologies. We use this information for site optimization and fraud/security purposes, not for advertising. For more information about how Microsoft collects and uses data, visit the Microsoft Privacy Statement.

Cloudflare may set security cookies (such as __cf_bm) for bot protection. These are strictly necessary for website security and cannot be disabled.

Third-Party Services

  • Alma — Our clinical practice platform. Once a therapeutic relationship is established, client data is managed through Alma's HIPAA-compliant systems. See Alma's Privacy Policy.
  • Cloudflare — Infrastructure, security, and waitlist database provider. Processes all web traffic and stores website waitlist submissions.
  • Resend — Email delivery provider used to send administrative notifications when a waitlist form is submitted.
  • Google Analytics — Website analytics (see above).
  • Microsoft Clarity — Website usage analytics, heatmaps, and session replay (see above).

Links to Instagram and LinkedIn in our footer are governed by those platforms' own privacy policies. We never share client information on social media.

Data Retention

Contact form submissions and email correspondence are retained for as long as necessary to respond to your inquiry. If no client relationship is established, we delete your contact information within 12 months unless you request earlier deletion.

Data Security

All pages on this website are served over HTTPS encryption. We implement reasonable administrative, technical, and physical safeguards to protect the personal information collected through this site in accordance with the New York SHIELD Act. In the event of a data breach, we will notify affected individuals as required by New York law.

Children's Privacy

This website is not directed at children under 13 and we do not knowingly collect personal information from children. If a parent or guardian contacts us on behalf of a minor, that information is treated as the adult's data. Clinical information about minors is handled through Alma under applicable HIPAA and New York State privacy protections.

Your Rights

You have the right to:

  • Request access to the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your data (contact form submissions and correspondence)

To exercise any of these rights, reach out through our website contact form with “Privacy Request” in your message. We will respond within 30 days.

These rights apply to website data only. Rights regarding clinical health records are governed by HIPAA and managed through Alma.

Changes to This Policy

We may update this policy from time to time. Changes will be reflected by the “Effective” date at the top of this page. We encourage you to review this policy periodically.

Contact

For questions about this Privacy Policy, please reach out through our website contact form.

Eliesha Rajaram, LCSW
Soft Roots Healing

← Back to home