Privacy Policy – GK Therapy

 

Kosanovic Psychotherapy Professional Corporation

Last Updated: February 14, 2026

 

GK Therapy (operated by Kosanovic Psychotherapy

Professional Corporation) is committed to protecting your privacy and the confidentiality of your personal health information in accordance with applicable Canadian laws, including the Personal Health Information Protection Act, 2004 (PHIPA), the Personal Information Protection and Electronic Documents Act (PIPEDA), and the professional standards of the College of Registered Psychotherapists of Ontario (CRPO).This Privacy Policy explains how we collect, use, disclose, retain, and protect your personal information and personal health information when you interact with our website (gktherapy.ca), contact us, or receive psychotherapy services.

1. Who We Are:

  • Health Information Custodian (HIC): Goran Kosanovic, Registered Psychotherapist (CRPO # 11757)
  • Practice Name: GK Therapy / Kosanovic Psychotherapy Professional Corporation
  • Contact: goran@gktherapy.ca | 365-801-5768
    Privacy Officer: Goran Kosanovic (same contact)

2. What Information We Collect

We collect only the personal information and personal health information (PHI) that is reasonably necessary to provide psychotherapy services or respond to inquiries. This may include:

  • Contact and Identification Information: Name, email address, phone number, mailing address (if provided via contact form, intake, or booking)
  • Health Information: Reasons for seeking therapy, mental health history, current concerns, treatment goals, session notes, and any relevant medical or therapeutic history you share
  • Technical Information: IP address, browser type, pages visited, time/date of access, and anonymized analytics data (via Google Analytics) when you visit our website

We collect this information directly from you (e.g., contact form, intake forms, sessions) or automatically via website tools.

3. How We Use Your Information

We use your information only for the purposes for which it was collected, including:

  • Providing and managing psychotherapy services
  • Scheduling appointments and communicating with you (email, phone, secure messaging)
  • Complying with legal and professional obligations (e.g., CRPO standards, mandatory reporting under PHIPA or other laws)
  • Improving our website/services (anonymous analytics only)
  • Responding to inquiries submitted through the contact form

We do not sell your personal information or use it for marketing without your express consent.

4. Consent

By providing your personal health information or using our contact form, you consent to its collection, use, and disclosure as described in this policy. Consent may be express (written/verbal) or implied (e.g., voluntarily sharing information during therapy). You may withdraw consent at any time, subject to legal, contractual, or professional limitations (withdrawal may affect our ability to provide services).

5. Disclosure of Information

We do not disclose your personal health information except:

  • With your express consent
  • As required or permitted by law (e.g., mandatory reporting of child abuse, imminent harm to self/others, court orders, CRPO investigations)
  • To our agents/service providers (e.g., secure email, Zoom for virtual sessions, Google Analytics for anonymized data) who are bound by confidentiality and privacy obligations
  • In aggregated, anonymized form for research, education, or quality improvement (no identifying details)

All third parties we share information with are required to comply with PHIPA/PIPEDA.

6. Security of Your Information

We take reasonable steps to protect your personal health information from loss, theft, unauthorized access, use, disclosure, copying, or modification, including:

  • Secure, password-protected electronic records
  • Encrypted communication tools where possible
  • Limited access (only to authorized personnel)
  • Secure physical storage of any paper records

No method of transmission over the Internet or electronic storage is 100% secure — we cannot guarantee absolute security.

7. Retention of Records

We retain your clinical records in accordance with CRPO and PHIPA requirements:

  • At least 10 years after your last contact/service (or longer if required by law)
  • After retention period, records are securely destroyed or anonymized

Website analytics data is retained per Google Analytics policies (typically 14–26 months; anonymized).

8. Your Rights

Under PHIPA and PIPEDA, you have the right to:

  • Access your records (with limited exceptions)
  • Request corrections to inaccurate information
  • Withdraw consent (subject to limitations)
  • File a complaint with our Privacy Officer or the Information and Privacy Commissioner of Ontario (IPC)

Contact our Privacy Officer (details above) to exercise these rights.

9. Website & Third-Party Tools

  • Our site uses Google Analytics for anonymous usage statistics (IP anonymization enabled where possible)
  • Contact forms may use third-party services (e.g., Contact Form 7) — data is transmitted securely
  • Virtual sessions may use Zoom or similar — review their privacy policies
  • We do not knowingly collect information from children under 16 without parental consent

10. Changes to This Policy

We may update this policy from time to time. Changes will be posted here with an updated “Last Updated” date. Continued use of our services/website constitutes acceptance of changes.

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact:

Goran Kosanovic

Privacy Officer

GK Therapy

goran@gktherapy.ca (mailto:goran@gktherapy.ca)
365-801-5768Thank you for trusting us with your care.