Privacy Policy

1. Introduction

Welcome to the Privacy Policy of Beauty Lounge Med Spa Inc. (“Beauty Lounge Med Spa,” “we,” “our,” or “us”). This policy outlines how we collect, use, and safeguard your personal information when you interact with our digital platforms, services, and applications (collectively referred to as the “Services”).

This Privacy Policy is part of our Terms of Service, and any capitalized terms not defined here will carry the same meaning as set forth in the Terms of Service.

Please read this Privacy Policy carefully. By using our Services, you agree to the terms outlined below. If you do not agree, please refrain from using the Services.

2. Information We Collect and How We Collect It

We gather information from and about you through a variety of methods when you interact with our Services. Certain types of personal information are essential for us to provide our Services effectively. If you choose not to provide this information—or request its deletion—you may not be able to access some or all of our offerings.

2.1 Information You Provide to Us Directly

We collect information you voluntarily provide through activities such as:

  • Creating or managing an account
  • Registering products or services
  • Placing orders or submitting treatment requests
  • Communicating with us via forms, chat, or email
  • Participating in surveys, research studies, promotions, or sweepstakes
  • Requesting customer support or technical help
  • Uploading content to our platforms
  • Applying for employment opportunities

2.2 Types of Information Collected

Depending on how you use our Services and what you choose to share, the personal information you provide may include:

  • Basic Contact Information: Name, mailing address, phone number, date of birth, and email address
  • Health & Medical Data: Information about medical conditions, treatments, physician referrals, medications, lab results, medical photos, lifestyle details, and emotional/physical characteristics
  • Account Credentials: Username and password for your account
  • Billing & Financial Details: Shipping address, credit/debit card information, and payment verification (collected via secure third-party processors)
  • Identity Verification: Government-issued ID, driver’s license number, or signature (e.g., for notarized documentation)
  • Purchase History: Details about transactions and purchases with us
  • Customer Service Interactions: Records of support or service-related conversations
  • Demographic Information: Gender, age, race/ethnicity, marital status, number of children, and similar data relevant to our Services
  • Emergency Contacts & Referrals: Information about others you refer, or list as contacts
  • User-Generated Content: Content you post in public areas of our Services or share with other users
  • Location Data: Geolocation and related information
  • Other Voluntary Information: Any additional details you choose to provide when using our Services

3. Information We Collect Through Automated Technologies

When you use our Services, we automatically collect certain information about how you interact with them and the devices you use to access them. This section explains the types of data collected and the technologies we use to gather that data.

We partner with trusted third-party service providers who assist us in collecting this information using technologies such as cookies, SDKs, pixels, and other tracking tools.

3.1 Website and Device Information

When you visit our website or use our Services, we may collect details including:

  • IP address
  • Browser type and language
  • Operating system
  • Device and hardware identifiers
  • Software attributes
  • Referring and exit pages
  • Landing pages and page navigation patterns
  • Files downloaded
  • Domain names
  • Time spent on specific pages
  • Date and time of access
  • Time zone
  • Error logs
  • Search terms used on our site
  • General location (state, city, or country)

This data helps us understand how users engage with our Services and allows us to improve functionality, user experience, and performance.

3.2 Location Information

We and our service providers may also collect general location data automatically from your device, including:

  • IP address
  • GPS signal (if enabled)
  • WiFi and cell tower proximity
  • City, state, and/or postal code

We use this information to tailor your experience—for example, by showing location-specific content or calculating appropriate sales taxes.

If we ever collect precise GPS data, we will always ask for your permission first. This data may be used to:

  • Deliver location-based content
  • Provide personalized offers
  • Enhance your overall user experience

You can withdraw permission for GPS data collection by turning off location settings on your device. Refer to your device manufacturer’s instructions for guidance.

3.3 Cookies and Similar Tracking Tools

To support the collection of this information, we and our partners use various tracking technologies, including:

  • Web Server Logs: Record user activity on our website.
  • SDKs (Software Development Kits): Embedded code within our apps or platforms to track how users interact with Services.
  • Cookies: Small text files stored on your device that help us:
    • Recognize your browser or device
    • Save preferences and settings
    • Understand usage behavior
    • Deliver and measure relevant ads
    • Perform analytics
    • Enhance security
  • Tracking Pixels/Web Beacons: Tiny invisible images embedded in emails, websites, or ads to:
    • Track ad impressions, click behavior, and email open rates
    • Measure content engagement
    • Monitor the effectiveness of marketing campaigns

As technology evolves, we may introduce new tools to collect similar types of information.

Upon first visiting our Services, you will be prompted to accept, decline, or customize your cookie settings through our Cookie Consent Manager. You may adjust your preferences at any time by clicking [insert method of access for Cookie Consent, e.g., “Cookie Settings” link in website footer].

For more details, please refer to our [Cookie Notice].

4. Information We Collect from Social Media and Third-Party Platforms

When you engage with Beauty Lounge Med Spa through social media platforms such as Facebook, Instagram, Twitter, or others by “liking,” “following,” commenting, or posting content related to us, we may collect limited personal information. This may include:

  • Your name
  • Email address
  • Publicly available profile information
  • Comments, messages, or content you post that relates to our brand or Services

Additionally, if you participate in promotions, giveaways, or submit information to us via social media, that data may also be collected and stored.

Third-Party Logins and Connections

If you choose to access our Services using a third-party login or authentication tool (e.g., logging in via a social media account), you may be granting us permission to access certain information from that third-party account. This could include:

  • Your name
  • Email address
  • Profile photo
  • Location
  • Friends list (if permitted by the platform)

The information we receive depends on your individual privacy settings with those services. If you prefer not to share this data, we recommend avoiding social or third-party login methods.

To understand how these third-party platforms handle your data, please refer to their respective privacy policies and terms of service, which may also allow you to adjust your sharing preferences.

5. Information We Receive from Other Sources

To provide you with a seamless and comprehensive experience, we may receive information about you from trusted third-party partners, including but not limited to:

  • Licensed medical professionals and physicians
  • Pharmacies and health service providers
  • Payment processors and financial institutions
  • Analytics and search engine providers
  • Advertising and marketing networks
  • Strategic partners and affiliates

These third parties may share relevant information with us—such as treatment history, prescription status, or marketing performance data—to help us deliver and improve our Services, customize your experience, and enhance our communications with you.

6. How We Use Your Information

Unless you opt out through our Cookie Consent preferences, we use your information to operate, improve, and personalize your experience with our Services. These uses include:

6.1 Core Service Functions

  • Delivering and managing your access to the Services
  • Facilitating health care services provided by licensed professionals
  • Supporting providers in delivering health care operations
  • Verifying your identity, processing payments, and fulfilling orders

6.2 Communication & Support

  • Responding to inquiries or service-related communications
  • Sending messages on behalf of physicians, pharmacies, or other healthcare partners
  • Providing customer service and technical support

6.3 Marketing & Personalization

  • Notifying you of promotions, surveys, events, or product updates (in accordance with applicable laws)
  • Delivering personalized content and more relevant advertisements
  • Measuring and analyzing the performance of our content and ads

6.4 Service Improvement & Research

  • Conducting internal research and analytics to better understand user needs
  • Enhancing the functionality, usability, and security of the Services
  • Presenting content in an optimal format across devices
  • Complying with legal obligations and regulatory requirements
  • Preventing fraud, misuse, or other prohibited activities
  • Protecting our legal rights or the rights of others

6.6 Additional Uses

  • Any other purpose disclosed at the time of collection or with your consent
  • Use of health information in accordance with applicable state and federal privacy laws

Combined Information

We may combine data collected through the Services with information from other online or offline sources. This combined data will be used and shared in accordance with this Privacy Policy and applicable consent requirements.

Aggregate & De-Identified Data

We may anonymize or aggregate personal data so that it no longer identifies you. This Aggregate/De-Identified Information may be used for research, analytics, marketing, and shared with third parties such as advertisers and promotional partners.

7. Online Analytics and Advertising

7.1 Online Analytics

We use third-party analytics tools, including Google Analytics (with features like Google Signals and User-ID) and Mixpanel, to better understand how users interact with our Services. These tools may use cookies, pixels, and similar technologies to:

  • Analyze usage behavior across browsers and devices
  • Perform auditing, research, and reporting
  • Prevent fraud
  • Deliver and improve features tailored to your needs

If you have a Google account with personalized ads enabled, Google Signals allows us to collect cross-device engagement data. To opt out:

  • Google Analytics Opt-out: Install the Google Analytics Opt-out Browser Add-on
  • Google Signals Opt-out: Go to your mobile device → SettingsGoogleAds → Turn ON “Opt out of Ads Personalization”
  • You may also disable cross-device tracking through your device’s privacy settings

Additionally, if you receive email communications from us, we may use tracking technologies (like clear GIFs) to gather data such as when you open an email or click a link. This helps us measure the effectiveness of our campaigns.

7.2 Online Advertising

We may work with third-party advertising platforms (e.g., Facebook, Google Ads, TikTok) that use cookies, pixels, and other tools to show you relevant ads both on our Services and across the web.

These ads may be personalized based on:

  • The content you view
  • Information you’ve provided (e.g., searches, demographic details)
  • Your interactions over time across websites and apps

We may also share hashed customer data (like email addresses) with advertising partners to match your data with advertising identifiers. This helps serve more relevant ads and exclude current customers from certain campaigns.

Opting Out of Targeted Ads

To opt out of personalized advertising, you can:

Note: We do not control these third-party opt-out mechanisms, nor can we guarantee their effectiveness or availability over time. Even after opting out, you may still see general (non-targeted) ads.

7.3 Mobile Advertising

When using mobile apps, you may see in-app personalized ads based on your activity. We may work with third-party providers to deliver or analyze these ads.

Each mobile platform offers its own method to limit personalized advertising:

  • iOS (Apple devices) – Go to SettingsPrivacy & SecurityApple Advertising
  • Android – Go to SettingsGoogleAds → Turn ON “Opt out of Ads Personalization”
  • Windows – Refer to Microsoft’s support resources

We do not control how these settings are implemented. Please consult your device’s documentation or support team for assistance.

8. How We Share Your Information

We may disclose your personal information for business purposes as outlined below:

8.1 Affiliates and Subsidiaries

We may share your information with our affiliated companies, including our parent company and its subsidiaries, to:

  • Deliver products and services
  • Maintain consistent service quality
  • Enhance offerings and improve your experience

8.2 Health Care Providers and Services

We may disclose your information to health care professionals and related services to:

  • Schedule and fulfill appointments
  • Facilitate communications with providers you contact through our platform
  • Support treatment, payment, and healthcare operations (including pharmacy services)

8.3 Service Providers

We work with select third-party vendors to perform services on our behalf. These providers may access your information to support:

  • Billing, order processing, and fulfillment
  • Customer service and technical support
  • Marketing, advertising, and analytics
  • IT infrastructure and data security
  • Legal, auditing, and consulting services
  • Health care and pharmacy-related operations

All service providers are contractually obligated to handle your information securely and only for the purposes specified.

8.4 Advertising Partners

Please refer to the “Online Advertising” section above for details on how your information may be shared with advertising networks and platforms for targeted marketing.

8.5 Joint Marketing & Product Partners

We may collaborate with third parties to jointly offer services or products. These partners may use the information they collect in accordance with their own privacy policies and terms.

We may access, retain, or disclose your information if required by law or when we believe such action is necessary to:

  • Comply with legal processes or law enforcement requests
  • Enforce our Terms of Use or Privacy Policy
  • Respond to claims or protect third-party rights
  • Fulfill customer service requests
  • Protect the safety, rights, or property of Beauty Lounge Med Spa, our users, or the public

This may include exchanging information with other organizations for fraud prevention and cybersecurity purposes.

8.7 Business Transfers

In the event of a business transaction—such as a merger, acquisition, asset sale, or similar deal—customer data, including your personal information, may be transferred as part of the transaction. We will comply with all legal obligations related to such transfers.

8.8 Public Forums and User Content

Some areas of our Services allow you to post content that may be visible to others, such as:

  • Reviews
  • Comments
  • Testimonials

Please be aware that any information shared in these public or user-shared forums is not confidential and may be visible to the public or searchable via third-party search engines. We are not responsible for how others may use information you choose to disclose in this way.

We may share your information in any other manner you explicitly direct or authorize us to.

8.10 Aggregate or De-Identified Data

We may use and share data that has been aggregated or de-identified so it can no longer be linked to you. This data may be used for research, analytics, marketing, or shared with partners at our discretion.

9. Your Privacy Rights

Depending on your state or country of residence, you may have certain rights under local privacy laws. These rights may allow you to request the following:

  • Opt out of direct marketing, including any profiling related to marketing
  • Correct or update inaccurate or outdated personal information
  • Delete personal information we hold about you (subject to certain exceptions)
  • Restrict or object to how we process or disclose specific types of information
  • Transfer your data to another service provider
  • Withdraw your consent to any previously authorized data processing

We will respond to all requests within the timeframes required by applicable law. However, please note that in some cases, certain data may be exempt from deletion or modification—for example, when we need to retain it for legal compliance or to protect legitimate business interests.

Before we can fulfill your request, we may need to verify your identity. Please include your full name, email address, and state of residence when submitting your request to help us process it efficiently.

To exercise any of your data rights, please contact us at:
legal@beautyloungemed.com

Appealing a Denied Request

If your request is denied, you may have the right to appeal the decision. To do so, please email legal@beautyloungemed.com with the subject line:
“Data Rights APPEAL”
Be sure to include the original decision and your reason for appeal.

We will review your appeal in accordance with your state’s laws. If you are not satisfied with the outcome, you may also file a complaint with your state’s Attorney General. You can find their contact information by searching “Find My AG” online.

California Residents: Shine the Light Disclosure

Under California’s “Shine the Light” law, residents of California may request details about how we share certain categories of personal information with third parties for their direct marketing purposes.

To make a Shine the Light request, please email us at legal@beautyloungemed.com with “Shine the Light Request” in the subject line.

10. Third-Party Services & Health Information Notice

Our Services may contain links to or integrate with third-party platforms, applications, or services—including:

  • Physicians and other healthcare providers
  • Mobile device manufacturers
  • Software providers and operating systems
  • Third-party websites or mobile applications

Please note that this Privacy Policy does not apply to the data practices of these third parties. We do not control—and are not responsible for—the privacy, security, or information handling policies of any external entities.

These third parties may independently collect, use, or disclose your personal or health information. Their practices are governed by their own privacy policies and terms of use, which we strongly encourage you to review.

Important: We make no guarantees regarding how your information is handled once it is shared with or collected by a third party. Always review their privacy and security policies before interacting with their services.

11. How We Protect Your Information

We implement a range of technical, administrative, and physical safeguards to help protect your personal information from:

  • Accidental or unlawful destruction
  • Accidental loss or alteration
  • Unauthorized access, disclosure, or misuse

While we are committed to maintaining strong security practices, it’s important to understand that no method of transmission over the internet or method of storage—electronic or physical—is 100% secure. Therefore, by using our Services, you acknowledge and accept that:

  • We cannot guarantee the absolute security of your data
  • Any transmission of information to or through our Services is done at your own risk

User Responsibility

If you’ve been provided with—or have created—a password to access parts of our Services, you are responsible for keeping that password confidential. Please do not share your login credentials with anyone.

Also note that any information you choose to share in public areas of the Services may be visible to others, and we cannot control how it is used by third parties.

12. Jurisdictional Information

Services Limited to California

Our Services are currently available only within the state of California, as outlined in our Terms and Conditions. As such, this Privacy Policy—and our collection, use, and disclosure of your personal information—is governed by United States law.

13. California Privacy Rights (CCPA)

If you are a California resident and your personal information is subject to the California Consumer Privacy Act (CCPA), you are entitled to certain rights regarding that information.

How “Sale” and “Sharing” Are Defined

The CCPA defines the terms “sell,” “share,” and “personal information” broadly. Under these definitions, some of our data-sharing practices described in this policy may qualify as a “sale” or “sharing” of personal information—even though we do not sell personal information in the traditional sense.

We may allow advertising and analytics partners to collect certain types of data when you interact with our website or apps, such as:

  • IP addresses
  • Cookie and mobile identifiers
  • Browsing and usage behavior
  • Non-product identifying transaction data
  • Device and geolocation information

If you do not want us or our partners to “sell” or “share” your personal information for advertising purposes, you can:

  • Submit a request directly to us
  • Use the Global Privacy Control (GPC) signal in your browser

Please note: These opt-out actions will only apply to future data sharing and do not prevent the use of previously “sold” or “shared” data, nor do they completely eliminate interest-based advertising.

We do not knowingly sell or share personal information of minors under the age of 18.

Direct Marketing Disclosures (Shine the Light)

In accordance with California’s “Shine the Light” law, we confirm that we do not disclose personal information to third parties for their direct marketing purposes.

California residents may request additional details about our compliance with this law by contacting us at:
legal@beautyloungemed.com

Businesses are only required to respond to one request per customer per year and only if the request is sent to the designated email address.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

  • Changes in laws or regulations
  • Updates to our data practices
  • Modifications to our Services or technology
  • Other relevant operational or legal developments

When we make changes, we will post the updated Privacy Policy on our Services and update the “Last Revised” date at the top of the document. We encourage you to review this policy periodically to stay informed about how we protect and use your information.

If any material changes are made, we will notify you as required by applicable law—such as by email or a notice on our website or app.

Your continued use of our Services following any updates to the Privacy Policy signifies your acceptance of those changes.

If you have any questions or concerns regarding this Privacy Policy or our privacy practices, please reach out to us at:

Beauty Lounge Med Spa Inc.
151 Aptos Village Way, Suite 306
Aptos, CA 95003
legal@beautyloungemed.com

Phone Custom