Skip to main content
Mad River

Privacy Policy

Last updated: March 15, 2026

1. Overview

Mad River, PLLC ("we," "our," or "us") operates the website at https://www.mad-river.org and provides online self-discovery assessment tools and telehealth psychotherapy services. This Privacy Policy explains how we collect, use, and protect your information when you use our website and services.

2. Not HIPAA Compliant

The self-discovery assessment tools on this website are NOT HIPAA compliant. Your responses, scores, and generated reports from our assessments (Connection Style Test, Enneagram Test, Big Five Test, The Blueprint, and Family Attachment & Cohesion Test) are not protected health information (PHI) and are not stored as part of any medical record. These tools are for educational and informational purposes only and do not constitute clinical or diagnostic services.

Telehealth psychotherapy sessions provided by Daniel Elliott, LMHC-A are conducted through HIPAA-compliant platforms separate from this website.

3. Information We Collect

Information You Provide

  • Account information: First name, email address, and password when you create an account (or Google OAuth profile data).
  • Assessment responses: Your answers to self-discovery assessment questions and the resulting scores.
  • Payment information: When you purchase paid assessments or subscriptions, payment is processed by Stripe. We do not store your credit card number.
  • Email address: Provided when taking assessments to receive your results via email.

Information Collected Automatically

  • Standard web analytics data (page views, browser type, device type) through Vercel Analytics.
  • Session cookies necessary for authentication and website functionality.

4. How We Use Your Information

  • To deliver your assessment results via email.
  • To save your assessment results to your account dashboard (when logged in).
  • To generate personalized personality reports (for subscribed users).
  • To process payments through Stripe.
  • To provide customer support and respond to inquiries.
  • To improve our assessment tools and website experience.

5. Data Storage & Security

Account data and assessment results are stored in Supabase (hosted on AWS). We use industry-standard security measures including encryption in transit (TLS/SSL), row-level security policies, and secure authentication tokens. However, no method of electronic storage is 100% secure.

6. Third-Party Services

  • Supabase: Database and authentication services.
  • Stripe: Payment processing for paid assessments and subscriptions.
  • Brevo (Sendinblue): Transactional email delivery for assessment results.
  • Anthropic (Claude): Personalized report generation. Your assessment scores (not raw answers) are sent to Anthropic's API to generate personalized reports. Anthropic does not use this data for training.
  • Vercel: Website hosting and analytics.
  • Google: OAuth authentication (optional sign-in method).

7. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We share data only with the service providers listed above as necessary to operate our services, or as required by law.

8. Your Rights

  • Access: You can view your stored assessment results on your dashboard.
  • Deletion: You may request deletion of your account and all associated data by contacting us at daniel.m.elliott.jr@gmail.com.
  • Correction: You can update your profile information through your account settings.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of our services after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at daniel.m.elliott.jr@gmail.com or call (425) 608-0224.