Privacy Policy

Last updated: May 1, 2026

1. Overview

Lateral ("we", "our", "us") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your choices.

2. Information We Collect

Account information

When you create an account we collect your email address and authenticate you through our identity provider. We do not collect unnecessary personal details during sign up.

Billing information

Payments are processed by Stripe. We store only the information needed to verify subscription status and support your account. Full card details are never transmitted to or stored on our servers.

Usage data

Our hosting provider collects standard logs such as IP addresses and request metadata for security and operational purposes. We do not add analytics or advertising tracking.

Session content

We do not record, transmit, or store any meeting audio, video, or clinical session content. We may collect the therapist's Zoom account email address when needed to verify license status, but no session content is captured . We do not have access to clients' information and therefore do not record, transmit, or store client PII or HPI.

3. How We Use Your Information

  • To create and manage your account
  • To process subscription payments and verify license status
  • To respond to support requests
  • To send transactional emails (account confirmation, password reset, billing receipts). We do not send marketing email without explicit opt-in.

4. Data Sharing

We do not sell your data. We share limited information only with the service providers necessary to operate the platform:

  • Stripe: payment processing

5. Data Retention

Account data is retained as long as your account is active. After account deletion, personal data is removed within 30 days except where retention is required by law (e.g. billing records).

6. Security

All data is transmitted over HTTPS. We use industry-standard practices to protect account and billing information, and we follow our platform provider's security recommendations for infrastructure.

7. Your Rights

Depending on your jurisdiction you may have the right to access, correct, or delete your personal data. To exercise these rights, contact us and we will respond within 30 days.

8. Cookies and Affiliate Tracking

We do not use tracking or advertising cookies directly on our website. Our app uses short-lived functional cookies and session tokens solely to maintain sign-in and license status. Any cookies or tokens used directly by us are for service functionality only, not tracking, and are not accessible to client-side JavaScript.

Third-Party Affiliate Tracking: We participate in the Zoom affiliate program. If you click an outbound link on our website to sign up for or purchase a Zoom plan, you will be temporarily routed through a third-party affiliate network (Impact Tech, Inc.). This service will place a tracking cookie on your browser to attribute your referral to our website, allowing us to earn a commission. We do not have access to the data collected by these third-party tracking cookies. The data collected through these affiliate links is governed by the respective privacy policies of Zoom and Impact Tech, Inc.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you and the purposes for which we use it.
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions permitted by law (e.g., retention required for billing records). You may also delete your account and all associated data directly from your account dashboard.
  • Right to Correct: You may request correction of inaccurate personal information we hold about you.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
  • Right to Opt-Out of Sale or Sharing: We do not sell or share personal information for cross-context behavioral advertising. No opt-out action is required.

To exercise any of these rights, contact us and we will respond within 45 days.

10. Children's Privacy

The Service is intended for licensed professionals aged 18 and over. We do not knowingly collect personal data from minors.

11. Changes to This Policy

We may update this policy from time to time. The "Last updated" date at the top of this page will reflect any changes. Continued use of the Service constitutes acceptance.

12. Contact

Privacy questions or data requests? Contact us.