Privacy Policy.

Effective date: September 5, 2025

Relief Massage Method (“RMM,” “we,” “our,” “us,” “I,” or “me”) respects your privacy and is committed to protecting your information. This Privacy Policy explains what we collect, how we use it, how we protect it, and the choices you have. If you are a client receiving health-related bodywork, additional protections may apply to your health information. See “HIPAA and Protected Health Information” below.

This policy is for general privacy. It is not legal advice. If you need legal guidance, consult your attorney.

Who we are

Stanley Wellness LLC

DBA: Relief Massage Method
Kansas City, Missouri, USA
Email: hi@reliefmassagemethod.com
Phone: 816-355-6842
Mailing Address: 5901 NW 63rd Terrace STE 106 Kansas City, Missouri, USA 64151

Scope

This policy covers information collected online and offline, including through our website, scheduling pages, forms, emails, messaging, phone calls, and in-person visits.

What we collect

We collect information in three main categories:

  1. Contact and scheduling details
    Name, email, phone, appointment history, messages, and preferences.

  2. Service and intake information
    Information you share about goals, areas of tension, comfort preferences, and relevant history. If you receive health-related services, some of this may be “Protected Health Information” or “PHI,” described in the HIPAA section below.

  3. Technical data
    Cookie data, approximate location, device and browser information, pages visited, and referring links. If we use analytics, we do so to improve site performance. You can control cookies in your browser settings.

How we use information

  • Deliver and personalize treatments and client care

  • Schedule, confirm, and manage appointments

  • Respond to inquiries and support requests

  • Process payments and manage billing records

  • Operate, secure, and improve our website and services

  • Send service updates, policy notices, and marketing messages, where permitted

  • Comply with law and enforce our terms

Legal bases for processing (for visitors from the EU, EEA, UK)

We rely on consent, performance of a contract, legitimate interests, and compliance with legal obligations, as applicable.

How we share information

We share information only as needed to provide our services or comply with law:

  • Vendors and service providers that help us run scheduling, email, storage, security, and payments, subject to appropriate agreements

  • Professional advisors and insurers

  • Law enforcement or regulators when required

  • Business transfers in the event of a merger, sale, or reorganization

We do not sell your personal information.

Data retention

We retain information for as long as needed to provide services, meet legal or insurance requirements, and keep accurate business records. When no longer needed, we delete or de-identify data under a documented schedule.

Security

We use reasonable administrative, technical, and physical safeguards. No method of transmission or storage is perfectly secure, so we cannot guarantee absolute security.

HIPAA and Protected Health Information (PHI)

If RMM qualifies as a HIPAA “covered entity” or works with covered entities, we safeguard PHI as required by HIPAA. We maintain appropriate policies, access controls, training, and vendor agreements for systems that may handle PHI. Google states that covered entities must review and accept a HIPAA Business Associate Amendment before using Google services with PHI. We follow Google’s implementation guidance and only use covered services and configurations for PHI. Google HelpGoogle Cloud

Email communications and PHI

Email can be convenient, yet it is not always appropriate for PHI. We limit PHI in unencrypted email, and we use Google Workspace features to support secure email transmission. For sensitive content, we may use encrypted options or request another channel. If you choose to communicate via regular email after being advised of risks, you accept those risks.

Special Gmail configuration we use for HIPAA support

RMM uses Google Workspace, not free consumer Gmail, and we implement the following controls that support HIPAA compliance:

  1. Business Associate Amendment with Google
    We review and accept Google’s HIPAA BAA in the Admin console before using Workspace services with PHI, and we follow Google’s “HIPAA Included Functionality” and implementation guide. Google Help+1

  2. TLS secure transport enforcement
    We configure Gmail’s Secure transport (TLS) compliance setting to require TLS for sent and received email where technically feasible, and we use certificate validation options. This helps protect email in transit. Google Help

  3. Hosted S/MIME for message-level encryption
    Where appropriate, we enable hosted S/MIME in Google Workspace to add message signing and encryption for compatible recipients. Google Help+1

  4. Do not rely on Confidential Mode as the sole safeguard
    Gmail Confidential Mode can add access controls, yet it does not replace encryption and should not be used as the only HIPAA control. We treat it as a supplemental feature only. Total HIPAA ComplianceHIPAA Vault

  5. Paid Google Workspace only
    We do not use free consumer Gmail for PHI. HIPAA support requires Google Workspace with an accepted BAA and appropriate security configurations. The HIPAA JournalSprinto

Important: A signed BAA and these settings support compliance, yet they do not make any email inherently “HIPAA-compliant” in all cases. Organizations remain responsible for proper use, policies, training, and limiting PHI in email. Google’s guidance confirms that customers are responsible for building and operating compliant solutions. Google Cloud

Payments

If you pay online, your payment is processed by a third-party processor. We do not store full card numbers on our servers.

Children’s privacy

Our services are intended for adults. If you are under the age required by your jurisdiction to consent, a parent or legal guardian must provide consent.

Your choices

  • You can update contact details, preferences, and subscription settings by contacting us.

  • You can request access, correction, or deletion, subject to legal limits.

  • You can opt out of marketing emails at any time by using the unsubscribe link or contacting us.

If you are a client whose information is PHI, you may have additional rights under HIPAA, including rights of access and accounting of disclosures. Contact us to exercise those rights.

International visitors

If you visit from outside the United States, you consent to processing in the United States, which may have different data protection laws.

Third-party links

Our website may link to external sites. We are not responsible for their privacy practices.

Changes to this policy

We may update this policy to reflect operational or legal changes. We will post the updated date at the top.

Contact us

Questions about this policy or your privacy rights:
Email: hi@reliefmassagemethod.com
Mailing Address: 5901 NW 63rd Terrace STE 106 Kansas City, Missouri, USA 64151