Who we are
Our website addresses is: https://kilobycenter.com
What personal data we collect and why we collect it
When visitors leave comments on our sites, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms Cookies
If you leave a comment on our site you may opt-in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after one day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with and how long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
How we protect your data
We use appropriate technical and organizational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.
What data breach procedures do we have in place?
Data breach policy
All services provided by The Kiloby Center are confidential. The Kiloby Center recognizes the very personal and private nature of the information that may be shared by those dealing with trauma and addiction. The Kiloby Center is committed to honoring the choices of clients and to provide services in a manner that facilitates client empowerment. The Kiloby Center will take all necessary steps under this policy and California and federal law to preserve the privacy rights of those who receive its services unless expressly authorized by the client to do otherwise.
Records kept for the purpose of providing advocacy to clients will contain minimal information specifically designed to provide continuity of services and supportive assistance. Information is only documented to the extent necessary to provide services.
Data Breach: Unauthorized access to, unauthorized acquisition of, or accidental release of personal information that compromises the security, confidentiality, or integrity of the personally identifying information (PII) constitutes a data breach.
- A reasonable attempt shall be made to notify clients whose PII has been compromised or released without authorization.
- The Executive Director or designee will notify the Office of Crime Victims Advocacy (OCVA) within 24 hours of identification of the data breach.
- Concurrent to the actions outlined above, steps shall be taken to restore data, reinforce security, and to return all systems to full operation as soon as possible.
Data breach procedure
Unauthorized access to, unauthorized acquisition of, or accidental release of personal information that compromises the security, confidentiality, or integrity of PII constitutes a data breach.
Identification of a Data Breach
The Executive Director will be notified upon identification of an actual or suspected breach of data. The notification shall occur as soon as possible and not more than 24 hours following the discovery of a data breach. The program will conduct a notification to affected parties:
Notification of a Data Breach
A reasonable attempt shall be made to notify clients whose PII has been compromised or released without authorization. A program staff person, in coordination with the director, will attempt to notify the survivor that their PII has been disclosed.
- The program staff should discuss with the survivor what information or records were breached, explain the program policy and procedure, engage in safety planning as appropriate, and provide any additional information about The Kiloby Center’s plan to address the breach and contain further breach or exposure of the survivor’s information.
The Executive Director or designee will notify the Office of Crime Victims Advocacy (OCVA) within 24 hours of identification of the data breach.
- The actual PII will not be disclosed to OCVA in the notification but shall include the extent of the data breach (for example, one client’s PII accidentally released or a database breach of entire agency-client records).
Concurrent to the actions outlined above, steps shall be taken to restore data, reinforce security, and to return all systems to full operation as soon as possible. The Executive Director or designee will investigate the data breach cause and notify the OCVA once fixed.
- This may involve working with an IT person to install malware-blocking software, replacing equipment, or changing the locks to an office or file cabinet.
- In the event the breach involves paper copies of documents, immediate steps shall be taken to recover and secure all remaining documents.
What third parties we receive data from
We receive data from our software partners when you utilize our webchat or information request documents.
Constant Contact: Privacy Center
Square: Privacy and Security
What automated decision making and/or profiling we do with user data
All data we receive is only used for our own communication and marketing efforts. Your information is never sold to third parties.
Industry regulatory disclosure requirements
California Consumer Privacy Act (CCPA) information
When collecting personal information, the Kiloby Center for Recovery, Inc. through the Website or our other services, this personal information is in relation to business-to-business transactions and is not sold to third parties. If you are a California resident and we collect or disclosing your personal information for a business purpose, your rights under the CCPA are limited and do not include the right to access, the right to delete or other rights under the CCPA.
Statement of Client’s Personal Rights
Your rights are to be exercised without regard to sex, sexual orientation, cultural or ethnic group identification, color, economic, educational, or religious background, age, disability, or the source of payment for your care.
You shall be advised of, and given, a copy of your rights at admission.
You shall receive considerate and respectful care, and will be accorded dignity in personal relationships with staff and other persons.
You are to be accorded safe, healthful, and comfortable accommodations to meet your needs.
In our healthcare facilities (chemical dependency recovery hospitals and residential facilities), you have the right to facilitate your own healthcare decisions, accept or refuse medical treatment, and make an advance health care directive. You will be informed of these rights upon admission.
You shall be told the name of the physician, nurse, and counselor with overall responsibility for your care.
You have the right to express your preference regarding your counselor. The Kiloby Center for Recovery will address your preferences as clinically appropriate and as staffing patterns allow.
You will be given information in sufficient time so you may actively participate in decisions regarding your treatment. You will be informed of any special treatment interventions and their purpose. To the extent provided by law, you have the right to refuse treatment, concurrent services, or involvement in research projects.
You shall be provided with confidentiality in accordance with federal regulations (42 CFR part 2, sections 2.1 through 2.67.1 and 45 CFR parts 160 and 164). Detailed information about the release of information is in the Privacy Notice provided to you at admission. This includes your right to and procedures for access to your file.
You are to be informed by the attending physician or his/her delegate of your continuing health care requirements following discharge from a chemical dependency recovery hospital.
You have the right to examine and receive an explanation of your bill, regardless of the source of payment.
You shall know which program rules and policies apply to your conduct.
You may have all “Your Rights” apply to the person who may have a legal responsibility to make decisions regarding your care on your behalf.
You have the right not to be intellectually, emotionally, physically, or sexually abused by staff.
You have the right to services free of psychological abuse, including humiliating, threatening, or exploiting actions, neglect or retaliation.
You have the right to receive services free of fiduciary abuse.
You shall be free to attend religious services or activities of your choice and to have visits from a spiritual advisor if these services or activities do not conflict with your program requirements. Participation in religious services will be voluntary only.
You are to receive reasonable responses to any reasonable request made for services.
You may leave treatment, even against the advice of the attending physician or staff.
You have the right to reasonable continuity of care, to know in advance the time and location of appointments, and the name of the person providing care.
You will be provided a referral to legal services to meet your needs.
You have the right to be informed by the Center of the procedures to file in case of grievance or to appeal discharge. You may also contact:
Department of Health Care Services
Licensing and Certification Branch, MS 2600
PO Box 997413 MS 2600
Sacramento, CA 95899-7413
Attn: Complaint Coordinator