Privacy Policy

Introduction

Lodi MedSpa ("we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website, use our services, or communicate with us.

By using our website or services, you agree to the practices described in this policy. If you do not agree, please do not use our services.

Information We Collect

We may collect the following types of information:

• Personal Information: Name, email address, phone number, date of birth, and mailing address when you book a consultation, fill out a form, or contact us.
• Health Information: Medical history, treatment preferences, skin concerns, allergy information, and other health-related data necessary to provide safe and effective treatments. This information is protected under HIPAA (see our HIPAA Notice of Privacy Practices).
• Payment Information: Credit card numbers, billing addresses, and transaction history processed through our secure payment processors. We do not store full credit card numbers on our systems.
• Usage Data: IP address, browser type, pages visited, time spent on pages, and referring URLs collected automatically when you browse our website.
• Communication Data: Records of phone calls, text messages, and emails exchanged with our office or AI receptionist, including call recordings and transcripts.

How We Use Your Information

• Providing, scheduling, and managing your aesthetic treatments
• Communicating with you about appointments, treatment plans, and follow-up care
• Processing payments and managing your account
• Sending appointment reminders, confirmations, and post-visit follow-ups via SMS or email
• Responding to your inquiries and providing customer support
• Improving our website, services, and patient experience
• Complying with legal obligations, including healthcare regulations
• Sending promotional communications (only with your consent; you may opt out at any time)

Disclosure of Your Information

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party vendors who assist with payment processing, appointment scheduling, SMS messaging, and website hosting under strict confidentiality agreements.
• Healthcare Providers: When necessary for your treatment, referrals, or continuity of care, as permitted by HIPAA.
• Legal Requirements: When required by law, subpoena, court order, or to protect our rights and safety.

HIPAA and Protected Health Information

As a medical spa, we are subject to the Health Insurance Portability and Accountability Act (HIPAA). Your protected health information (PHI) is handled in accordance with HIPAA regulations. For detailed information about how we use and protect your health information, please review our HIPAA Notice of Privacy Practices.

Cookies and Tracking Technologies

Our website may use cookies, web beacons, and similar technologies to improve your browsing experience, analyze website traffic, and understand how visitors interact with our site. You can control cookie preferences through your browser settings. Disabling cookies may affect certain website functionality.

Third-Party Services

Our website may contain links to third-party websites or services (such as booking platforms or payment processors). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

Data Security

We implement administrative, technical, and physical safeguards to protect your personal and health information from unauthorized access, disclosure, alteration, or destruction. These measures include encrypted data transmission, secure storage systems, access controls, and regular security assessments. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. Treatments for minors require parental or guardian consent and supervision.

Your Rights

Depending on your location, you may have rights regarding your personal information, including the right to access, correct, delete, or restrict processing of your data. California residents have additional rights under the California Consumer Privacy Act (CCPA). To exercise any of these rights, contact us using the information below.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us: