Effective: May 15, 2026 · Last updated: May 15, 2026
Behavioral Blueprints provides exit planning advisory services for behavioral health founders considering a future transaction. We understand the sensitive and confidential nature of M&A-related conversations. All client information is treated with the highest level of confidentiality, and your data is never shared with buyers, competitors, or any third party without your explicit written consent.
By using our website, creating an account, completing a Deal Health Index™ assessment, or engaging our advisory services, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our services.
Certain features of our services, including the Deal Health Index™ self-assessment tool, require you to create a user account. Account registration and authentication are managed through our infrastructure provider, Supabase, which provides secure authentication services including email/password login and third-party social login (such as Google).
When you create an account, we store your email address, a securely hashed version of your password (we never store plain-text passwords), your account creation date, and any profile information you voluntarily provide. If you authenticate through a third-party provider such as Google, we receive your name and email address from that provider. We do not receive or store your Google password.
Your account credentials are protected using industry-standard encryption. You are responsible for maintaining the confidentiality of your login credentials. Please notify us immediately if you suspect unauthorized access to your account.
The Deal Health Index™ is a proprietary assessment that scores behavioral health practices across ten dimensions relevant to transaction outcomes. This section describes how we handle DHI data specifically.
DHI data is collected through our online assessment tool (self-serve) or through advisor-guided engagements. The assessment collects practice-level information across dimensions including revenue quality, EBITDA normalization, clinical compliance, payer mix, operational infrastructure, workforce risk, growth trajectory, market position, documentation readiness, and ownership structure.
Your individual DHI data is never shared with buyers, brokers, investment banks, or other market participants. Your DHI scores, assessment responses, and reports are visible only to you and to the Behavioral Blueprints advisory team assigned to your engagement. DHI data is stored in encrypted databases with row-level security, meaning each user can only access their own data.
We may use anonymized and aggregated DHI data for research, benchmarking, and improving our scoring methodology. Anonymized data has all identifying information removed and cannot be traced back to any individual practice. Examples include publishing aggregate statistics such as average DHI scores by vertical, identifying common gap patterns across behavioral health subsectors, and calibrating scoring weights against historical transaction outcomes. No individual practice, owner, or organization can be identified from any published benchmarks or research.
Certain features of our services may use artificial intelligence to generate personalized narrative reports, recommendations, or analysis based on your DHI scores and assessment data. When AI is used, your assessment data is sent to a third-party AI provider (such as Anthropic or OpenAI) via their API for the sole purpose of generating your report.
AI providers process your data according to their API terms of service, which prohibit them from using API inputs and outputs to train their models. Your data is not retained by the AI provider after your report is generated. We select AI providers that maintain enterprise-grade API data handling policies and we review these policies regularly.
If AI services are temporarily unavailable, your report will be generated using our template-based analysis system, which produces equivalent output without any external data transmission. You will receive a report regardless of AI service availability.
Your information is used exclusively to:
We do not sell, rent, or share your personal or business information with third parties for their marketing purposes.
We share your information only in the following circumstances:
We use the following categories of third-party services:
Each third-party service operates under its own privacy policy. We select vendors that meet our standards for data security, privacy, and compliance. Links to vendor privacy policies are available upon request.
Cookies are small text files stored on your device when you visit a website. They help the site remember your preferences and understand how you interact with it.
You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling essential cookies may prevent you from logging into your account or using certain features. When marketing and analytics cookies are active on our site, we will display a cookie consent banner allowing you to manage your preferences.
We partner with Microsoft Clarity to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve our services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of content and online activity. Additionally, we use this information for site optimization and fraud/security purposes. We do not use this data for advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
We implement security measures appropriate to the sensitivity of the information we handle:
While we take commercially reasonable measures to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but will notify you promptly in the event of a data breach affecting your personal information, in accordance with applicable law.
We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy:
Depending on your jurisdiction, you may have the following rights regarding your personal information:
To exercise any of these rights, contact us at mercier@behavioralblueprints.com. We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
To submit a CCPA/CPRA request, contact us at mercier@behavioralblueprints.com. You may also designate an authorized agent to make a request on your behalf by providing written authorization.
Our services are designed for business professionals and are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a person under 18, we will delete that information promptly. If you believe we may have inadvertently collected information from a minor, please contact us immediately.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through a notice on our website. Your continued use of our services after any changes constitutes acceptance of the updated policy.
For questions about this Privacy Policy, our data practices, or to exercise your rights:
Behavioral Blueprints
Dana Point, California
mercier@behavioralblueprints.com
For urgent privacy concerns, please include "PRIVACY" in your email subject line.