SPA MEDICA AESTHETIC
Privacy Policy

Effective Date: May 18, 2022
Last Updated: July 25, 2025
 

Spa Medica Aesthetic ("Spa Medica Aesthetic," “we,” “our,” or “us”) values your privacy. This Privacy Policy (“Policy”) explains how we collect, use, disclose, and protect your personal information when you access or use:

• www.spamedicaaesthetic.com (the “Site”)

• Any forms, content, features, or communications found on the Site

• Third-party scheduling platforms used to book appointments

• Email, SMS, or other marketing campaigns

• Spa Medica Aesthetic’s social media pages such as Meta or Instagram (collectively, “Services”)

Please read this Policy carefully. By accessing our Site or using our Services, you agree to the terms of this Privacy Policy. IF YOU DO NOT AGREE TO THE TERMS OF THIS PRIVACY POLICY IN ENTIRETY YOU MAY NOT ACCESS OR USE SPA MEDICA AESTHETIC SERVICE OR OFFERINGS.

1. Information We Collect

When you use our website and the services we offer, we may collect and process certain information about you. This information generally falls into two categories: "Personal Information We Collect" and "Non-Personally Identifiable Information".
 

Personal Information We Collect:

In connection with registering on the site or using specific features of Spa Medica Aesthetic’s services, we may collect the following types of personal information:

(a) Full name
(b) Email address
(c) Mailing or billing address
(d) Telephone number
(e) Payment details, such as credit card information (where applicable for purchasing products or services)
(f) The types of treatments or services you are interested in
(g) Preferred days and times for scheduling services
(h) Your preferred method or time of contact
(i) Additional comments or notes you choose to share
(j) Any other information requested through our online forms

Information under item (f) may include details related to your skin concerns, goals, or areas of interest and is treated as sensitive information. We take appropriate measures to protect this data as part of our commitment to privacy and confidentiality.

We only collect and use this information to provide services at your request, to improve your experience, and to facilitate communication with you. We do not share this information with third parties except as necessary to provide our services or where required by law.

Non-Personally Identifiable Information:

Mobile Device and Geolocation Information
We may collect non-personally identifiable information about you and your mobile device (“Mobile Device”) when you access the site and/or visit certain pages. This non-personally identifiable information may include, without limitation, the following: Mobile Device platform type; Mobile Device identifier; SDK version; iOS Identifier for Advertising (if applicable); iOS Identifier for Vendors (if applicable); Media Access Control (MAC) address; International Mobile Equipment Identity (IMEI); the model type, manufacturer, and iOS or Android version of your Mobile Device. We use this information to improve the design and content of Spa Medica Aesthetic’s offerings and to personalize your experience. We may also use this information in aggregate to analyze usage trends or inform updates to our services.
 

Geolocation Tracking
Spa Medica Aesthetic does not use geolocation technology to track users’ locations.

IP Addresses / Browser Type
We may collect non-personally identifiable information about you and your desktop or mobile device when you visit our website. This may include your browser type, IP address, operating system, and internet service provider domain. This information helps us improve your browsing experience and optimize the design and performance of Spa Medica Aesthetic’s online services. We may also use this information in aggregate to analyze site usage trends.

Cookies
When you visit the site, we may send one or more cookies and/or gif files to assign an anonymous, unique identifier to your computer or mobile device. A cookie is a small data file stored on your device containing non-personally identifiable information. Cookies help enhance your experience on our site. For more information about cookies, please visit https://www.allaboutcookies.org 

We use cookies to store user preferences and track trends, such as which pages you visit and how long you stay on the site. Most internet browsers are set to accept cookies by default, but you can change your browser settings to refuse or alert you when cookies are being sent. Disabling cookies may affect some functionality of the Spa Medica Aesthetic website, but you may still be able to access our services. We reserve the right to retain cookie data indefinitely.
 

Action Tags, Web Beacons, and Other Data Collection Methods
Action tags (also known as web beacons) are 1×1 pixel images used to track engagement with specific pages or ads. We may use these tags to monitor activity, such as how many users click a banner or view a specific service. This data may be used to optimize offerings and improve service relevance. We reserve the right to retain this data indefinitely. 

Behavioral Tracking
Neither Spa Medica Aesthetic nor any third party currently uses cookies, pixels, or other technologies to track users' activity after leaving our site.
 

Other Websites
Spa Medica Aesthetic’s website may include links to external, third-party websites, including social media platforms. We are not responsible for the privacy practices or content of these external sites. If you interact with any of these third-party services (such as completing a purchase or filling out a form), you may be subject to their separate privacy policies and data collection terms. We recommend reviewing their terms before submitting any personal information.

​

2. How We Use Personal Information

Generally, Spa Medica Aesthetic uses the information gathered to provide, improve, and develop the services we offer to you, to communicate with you, enhance your overall experience, and protect both our clients and business. When you interact with or make use of the Spa Medica Aesthetic service, we may use a variety of technologies to process your personal information for various legitimate and permitted purposes. The following provisions below govern our use of your personal information that is not considered Protected Health Information (PHI).

 

Fraud Detection and Prevention:
We use your personal information to increase and maintain the security of our services and prevent misuse. This includes detecting and preventing fraud, abuse, or other harmful activity to help protect Spa Medica Aesthetic, our clients, and others. We may also use collected data to manage risk, investigate suspicious activity, and enforce our policies and legal rights.

 

Telephone Communication Purposes:
Where you provide “prior express written consent” under the Telephone Consumer Protection Act (47 USC § 227) and related FCC regulations, you consent to receive communications from Spa Medica Aesthetic, including voice calls, pre-recorded messages, and SMS text messages delivered via automated technology, to the phone number(s) you provide. Please note, you are not required to provide this consent in order to access services from Spa Medica Aesthetic. This consent only enables us to contact you through these methods. You are obligated to notify us immediately of any changes to your phone number by contacting us through the information provided in the “Contact Us” section. This includes if you:
(a) have your number reassigned,
(b) discontinue its use,
(c) transfer it to/from a landline, or
(d) otherwise change your contact status in any way (“Phone Number Change”).
 

Email Communication Purposes:
We may send emails, newsletters, appointment updates, and related messages to the email address you provide. These communications may be used to verify your account, respond to inquiries, send service-related updates, and provide information regarding new offerings or administrative needs. You can opt out of non-essential emails at any time.
 

Provide, Troubleshoot, and Improve Services:
We use your personal information to help us operate, diagnose, manage, and improve Spa Medica Aesthetic’s services. This may include analyzing how services are used, resolving technical issues, refining our offerings, and enhancing the overall experience. Additionally, we may use the information to perform internal functions such as billing, accounting, auditing, or customer support.
 

Recommendations and Personalization:
We use your personal information to customize your experience, including tailoring services and communications to your interests or treatment preferences. This can include personalized treatment recommendations or service follow-ups, depending on your use of the Spa Medica Aesthetic website and booking system.
 

Compliance with Legal Obligations:
We may use personal information to comply with applicable laws, regulations, legal processes, or enforceable governmental requests. This may include enforcing our Terms and Conditions, responding to legal claims or obligations, or maintaining appropriate records as required under California or federal law.

3. Personal Information That We Share

Spa Medica Aesthetic will never share, sell, rent, exchange, or barter your personal information to or with any third party for financial gain or marketing purposes except as described below:
 

Service Providers:
We may employ other companies and individuals to perform certain functions on our behalf. Examples include sending direct and electronic mail, removing duplicate information from user lists, analyzing data, and providing marketing or operational support. These agents performing such limited functions will have access to personal information only as needed to perform these functions and are not permitted to use personal information for any other purpose.
Additionally, Spa Medica Aesthetic utilizes third-party payment service providers to process payments. If you choose to purchase treatments or products through our website, your payment details may be collected directly by a third-party processor or shared securely with them. We require that our payment service providers maintain privacy practices consistent with this Privacy Policy. However, we cannot control or guarantee the privacy policies of these third-party providers. You are encouraged to review their privacy policies and terms before submitting your payment information.
 

Subsidiaries and Affiliates:
We may share personal information collected through your use of the Service with our subsidiaries or affiliated entities for purposes aligned with your interaction with Spa Medica Aesthetic, or as reasonably necessary for internal administrative or operational needs.

Merger or Acquisition:
In the event Spa Medica Aesthetic is involved in a merger, acquisition, reorganization, sale of assets, or bankruptcy proceeding, your personal information may be transferred as part of that transaction, consistent with this Privacy Policy.
 

Compliance with Laws:
We may disclose personal information as required by applicable law, legal process, or in response to valid requests by public authorities (including law enforcement or government entities). This may include disclosures made to investigate or prevent suspected illegal activities or threats to public safety.
 

Public Health Reporting:
Your health-related information may be disclosed to public health authorities as required by law. For example, we may be required to report certain communicable diseases or other health-related information to the appropriate public health agencies.

Social Media Websites:
If you interact with Spa Medica Aesthetic or others through any of our social media accounts, please be aware that any personal information you submit may be visible to other users depending on your privacy settings. Additionally, when we respond to public interactions on our pages, your account name/handle may be viewable to others.
We are not responsible for the privacy practices of any social media platforms. These platforms operate independently and may collect or share information under their own privacy policies. We recommend reviewing the privacy terms of the platforms you engage with.

Consent:
We may share your personal information in accordance with any express consent you provide.

4. Security and Keeping Your Data Safe

As a matter of policy, Spa Medica Aesthetic endeavors to safeguard our users’ personal information. When users make personal information available to us, that information is protected both online and offline. Our registration and intake process may prompt users to enter Sensitive Information and/or Protected Health Information (PHI) through secure, HIPAA-compliant third-party platforms. All such data is encrypted in transit and at rest using advanced Transport Layer Security (TLS) protocols.
 

Access to your personal information is strictly limited, and we take reasonable measures to ensure that it is not accessible to the public. All personal information is securely stored within Spa Medica Aesthetic systems and, where applicable, within the systems of our third-party service providers. Access to such information is granted only to employees, contractors, or agents who need it to perform specific duties. All Spa Medica Aesthetic personnel are trained on the importance of safeguarding personal data, and those who violate our privacy protocols are subject to disciplinary action.
 

The servers on which we store personal information are kept in a secure, controlled environment, and we implement multiple layers of safeguards to protect against unauthorized access, loss, misuse, or alteration of your personal data.

However, please note that no data transmission over the Internet or wireless network, nor any data storage technology, software, or security protocol, can be guaranteed to be 100% secure. Despite our best efforts, it is possible that unauthorized parties may circumvent our security measures and access your personal information. Additionally, system bugs, technological errors, or other unforeseen events could result in the inadvertent disclosure of data. Any such attempt to breach our network or database security is a violation of law and may result in prosecution.

Any transmission of data through the Spa Medica Aesthetic website or services, or over the Internet, is undertaken at your own risk.

In accordance with applicable federal and California state laws, Spa Medica Aesthetic will notify affected users and the appropriate regulatory authorities in the event of a data breach involving your personal information. You will be notified via email if such a breach occurs. Please note that notice may be delayed if law enforcement authorities determine that immediate notification would impede an investigation or interfere with necessary security measures.

​

5. Personal Information Retention and Deletion

We retain your personal information only as long as necessary to provide you with the Spa Medica Aesthetic services and to fulfill legitimate and essential business purposes—such as maintaining service performance, supporting data-driven improvements, complying with legal obligations, and resolving disputes. Some personal information may be kept for as long as you remain an active user of Spa Medica Aesthetic services.
 

Upon your request, we will delete or anonymize your personal information so that it can no longer be linked to you—unless we are legally permitted or required to retain certain information. This may occur in situations such as:

• Outstanding issues: If your account has an unresolved issue (e.g., an open balance or active dispute), we will retain the relevant personal information until the issue is fully resolved.

• Legal obligations: Where we are required to retain information for legal, tax, audit, or accounting purposes, we will retain only what is necessary for the period specified under applicable law.

• Legitimate business interests: We may retain personal information where necessary to detect or prevent fraud, or to maintain the ongoing security and integrity of our systems and services.

6. Your Rights

Data protection laws grant you certain rights (“information rights”), which include:
Right of Rectification or Deletion:
At your request, we will:
(a) inform you of what personal information we have on file for you;
(b) amend the personal information that we have on file for you; and/or
(c) remove personal information that you have provided to us, or that we have collected.

You may make this request by contacting us via email at: info@spamedicaaesthetic.com.

We may ask you to verify your identity and specify the information you would like to access, amend, or delete before processing your request. To the extent permitted by applicable law, we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, risk the privacy of others, or would be extremely impractical (e.g., requests related to data stored on backup systems).
 

Please note that deleting your personal information may limit your ability to participate in certain services or promotions. If you wish to maintain full access, you may not be able to delete all personal information on file.

Additionally, after deletion, residual copies may remain in backup systems for a limited time before being fully erased from our active servers.

Right to Object:
You have the right to object to our processing of your personal data where the processing is based on our legitimate interests, including but not limited to direct marketing and profiling.
 

Right to Withdraw Consent:
Where processing is based on your consent, you may withdraw that consent at any time. To do so, please email us at info@spamedicaaesthetic.com with a description of the specific consent you wish to withdraw.
 

Right to Complain:
If you are dissatisfied with how we use or handle your personal data, you have the right to lodge a complaint with the relevant data protection supervisory authority. However, we would appreciate the opportunity to address your concerns directly first. Please contact us at info@spamedicaaesthetic.com and we will do our best to resolve the issue.

7. HIPAA Privacy Notice

In addition to the terms set forth in this Privacy Policy, Spa Medica Aesthetic complies with the Standards for Privacy of Individually Identifiable Health Information (the “Privacy Standard”) established by the U.S. Department of Health and Human Services (“HHS”) under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as amended.

As a healthcare provider, we are required by law to take reasonable steps to ensure the privacy and security of your Protected Health Information (“PHI”). This includes personally identifiable health information that you provide to us in connection with our treatments, services, and consultations.
 

This Privacy Policy also serves as our HIPAA Notice of Privacy Practices. As such, it informs you of the following:

• How Spa Medica Aesthetic may use and disclose your PHI for treatment, payment, and healthcare operations;

• Your rights regarding your PHI, including the right to access and request corrections;

• Our legal duties to protect the privacy of your PHI;

• Your right to file a complaint with Spa Medica Aesthetic or with the U.S. Department of Health and Human Services if you believe your rights have been violated;

• How you can obtain further information about our privacy practices or contact our office with concerns.

We are committed to maintaining the confidentiality of your health information and follow administrative, technical, and physical safeguards to protect it.
 

If you have any questions regarding your PHI or our privacy practices, please contact us at:
Spa Medica Aesthetic
Email: info@spamedicaaesthetic.com

8. Your California Privacy Rights

Spa Medica Aesthetic does not sell or share Protected Health Information (PHI) or sensitive personal information.

We may use limited, non-personal information, such as general website activity or form submissions provided with user consent, for interest-based advertising through platforms like Meta and Google. This information is not associated with any health condition and does not include any data subject to HIPAA protections unless we have obtained explicit authorization.
 

If you are a California resident, you have the right to:

• Request access to the personal information we have collected about you,

• Request deletion of your personal information,

• Opt out of the use or sharing of your personal information for cross-context behavioral advertising.

To exercise these rights or learn more, please contact us at info@spamedicaaesthetic.com or call (818) 646-9730.

In accordance with California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), you may also request information regarding the categories of personal information we have disclosed to third parties for their direct marketing purposes in the past year and the names of those third parties.

 

9. Minors

No information should be submitted to or posted by and through the site and/or app by visitors under eighteen (18) years of age (or the applicable age of majority, if greater than eighteen (18) years of age). Persons under eighteen (18) years of age (or the applicable age of majority, if greater than eighteen (18) years of age) are not permitted to access Spa Medica Aesthetic Offerings, and we do not knowingly collect personal information from such individuals. We encourage parents and guardians to spend time online with their children and participate in and monitor the interactive activities of their children.

 

10. Unsubscribe or Opt-Out

To opt out of receiving e-mail communications from us, you can follow the instructions at the end of the applicable e-mail message or email us at: info@spamedicaaesthetic.com.
Notwithstanding the preceding, we may continue to contact you to communicate information relating to your request for Spa Medica Aesthetic offerings and respond to any inquiry or request made by you. To opt out of receiving Spa Medica Aesthetic offerings-related and/or inquiry response-related messages from Spa Medica Aesthetic, you must cease requesting and/or utilizing Spa Medica Aesthetic offerings and/or cease submitting questions to Spa Medica Aesthetic, as applicable.

 

11. Transfer of Personal Information Internationally

If you are visiting the site and/or app from a country other than the country in which our servers are located, your communications with us may result in the transfer of information across international boundaries. By visiting the site, app, and/or otherwise communicating electronically with us, you consent to such transfers. Even if your jurisdiction does not have the same privacy laws as the jurisdiction where our servers are located, we will treat your information subject to the protections described in this Privacy Policy.

 

12. Links to Other Websites

Spa Medica Aesthetic does not claim nor accept responsibility for any privacy policies, practices, and/or procedures of other third-party sites or resources. Therefore, we encourage all users and visitors to be aware when they leave our site and to read the privacy statements of every website that collects personally identifiable information. This Privacy Policy applies only and solely to the information collected on our site and via the services that we offer.
 

13. Changes to This Privacy Policy

We reserve the right to change, modify, add, or remove portions of this Privacy Policy at any time. If our use of your personally identifiable information changes in a material way, we will notify you through one or more of the following methods:

• Sending an updated version of the Policy via email (if you have provided your email address); and/or

• Posting the revised Policy prominently on our Site; and/or

• Any other method as required under applicable state or federal law.

You will have the opportunity to opt in before we use your information in a materially different way. Continued use of the Site and Services after updates are posted constitutes acceptance of the updated Policy.

 

14. Data Controller

Spa Medica Aesthetic operates under the legal jurisdiction of the State of California, USA.

For purposes of the California Consumer Privacy Act (CCPA/CPRA), Spa Medica Aesthetic is the data controller of the personal information collected through the Site and Services.

If you are accessing this Site from the European Union or European Economic Area and subject to the General Data Protection Regulation (GDPR), Spa Medica Aesthetic shall also be considered the data controller responsible for your personal data.

 

15. Contact Us

If you have any questions about this Privacy Policy, the practices of Spa Medica Aesthetic, or your dealings with Spa Medica Aesthetic, please email us at: info@spamedicaaesthetic.com.
 

Filing a Complaint with the Federal Trade Commission

To file a complaint regarding our privacy practices, please visit:
https://www.ftccomplaintassistant.gov/Information?OrgCode=#crnt&panel1-1

Do Not Sell or Share My Personal Information

You may opt-out of the sale or sharing of your personal information as defined under California law by emailing us or using the contact form linked here.

Please note: We do not sell or share any health-related data for advertising or marketing purposes.